Efficient computation of a threshold partially-oblivious pseudorandom function

ABSTRACT

A computing device includes an interface configured to interface and communicate with a communication system, a memory that stores operational instructions, and processing circuitry operably coupled to the interface and to the memory that is configured to execute the operational instructions to perform various operations. The computing device processes an input value in accordance with a Threshold Partially-Oblivious Pseudorandom Function (TP-OPRF) blinding operation to generate a blinded input. The computing device then selects a threshold number of shareholder computing devices that are associated with a Key Management System (KMS) service and transmits the blinded input to them. The computing device then receives at least a threshold number of blinded output components from at least some of the shareholder computing devices and processes them to generate a blinded output. The computing device then processes the blinded output in accordance with a TP-OPRF unblinding operation to generate a key.

BACKGROUND

This invention relates to security, encryption, and key management, andmore specifically, to such operations, functions, and capabilities foruse in accordance with operations based on communication systems andcommunications related to one or more Key Management Systems (KMSs) thatoperate based on one or more Threshold Partially-Oblivious PseudorandomFunctions (TP-OPRFs).

In certain prior art communication system systems, ever-increasingquantities of data is stored online. Some data therein is critical,encrypted, secure, and/or private. For example, much of this data isprivate and some may be protected by confidentiality laws andregulations. Some of the data is encrypted to guard data from maliciousinsiders, external attackers, and/or accidental exposure requires.Encryption can operate using one or more encryption keys. Withoutappropriate encryption key(s), encrypted data cannot be deciphered.Therefore, reliable supply and management of keys is essential wheneverdealing with encrypted data.

In addition, more recently, certain information is stored within one ormore remote storage devices that are operated and maintained by anotherparty. In certain prior art implementations, this other party serviceprovider will have access to and be able to see the one or moreencryption keys that is stores, manages, and provides to the clientsand/or users that it services. In such situations, such a client and/oruser can be totally susceptible and vulnerable to any bad intentions,behavior, lack of trust, etc. of such another party service provider.

Prior art approaches that are implemented to store keys for such usescan be vulnerable to attacks based on their architecture having apotential single point of failure or compromise. For example, without areplication mechanism, given the potential single point of failure orcompromise, the prior art does not provide a high degree of reliability.Also, within such prior art systems, a prior art KMS service learnsand/or possesses root keys as may be used therein thereby requiringabsolute or an acceptably very high degree of trust for such a prior artKMS service. Also, within such prior art systems, a breach of such a KMSservice may be result in a situation that cannot be mitigated or may betotally unrecoverable.

SUMMARY

Embodiments of the present invention disclose a computer-implementedmethod, a system, and a computer program product for architecture,implementation, operation, functionality, and processing of a verycomputationally efficient one or more Key Management Systems (KMSs) thatoperate based on one or more Threshold Partially-Oblivious PseudorandomFunctions (TP-OPRFs).

An input value that is associated with a key is processed based on ablinding key in accordance with a Threshold Partially-ObliviousPseudorandom Function (TP-OPRF) blinding operation to generate a blindedinput. Then, a threshold number of shareholder computing devices thatare associated with a Key Management System (KMS) service are selected.Note that a TP-OPRF key includes a plurality of unique PRF keys that aredistributedly stored among a plurality of shareholder computing devices.Also, note that the threshold number of shareholder computing devicesincludes fewer than all of the plurality of shareholder computingdevices in some examples and all of the plurality of shareholdercomputing devices in other examples.

The blinded input is then transmitted to at least the threshold numberof shareholder computing devices associated with the KMS service. Afterappropriate processing by the at least the threshold number ofshareholder computing devices associated with the KMS service, at leasta threshold number of blinded output components is received therefrom.Note that a blinded output component of the at least the thresholdnumber of blinded output components is based on processing of theblinded input based on a Partially-Oblivious Pseudorandom Function(P-OPRF) using a unique share of a P-OPRF secret and an arbitraryexposed message by a shareholder computing device of the plurality ofshareholder computing devices. Also, note that the arbitrary exposedmessage is known to the shareholder computing device of the plurality ofshareholder computing devices, and the unique share of the P-OPRF secretis associated with the shareholder computing device of the plurality ofshareholder computing devices.

The at least the threshold number of blinded output components is thenprocessed to generate a blinded output. The blinded output is thenprocessed based on the blinding key in accordance with a TP-OPRFunblinding operation to generate the key that is associated with theinput value. If desired, secure information is then accessed based onthe key.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1A is a diagram illustrating an embodiment of one or morecommunication systems supporting a Key Management System (KMS) accordingto various embodiments of the present invention;

FIG. 1B is a diagram illustrating an embodiment of one or morecommunication systems according to various embodiments of the presentinvention;

FIG. 1C is a diagram illustrating an embodiment of a computing deviceconfigured to operate within one or more communication systems accordingto various embodiments of the present invention;

FIG. 1D is a diagram illustrating an embodiment of a wirelesscommunication system according to various embodiments of the presentinvention;

FIG. 2A is a diagram illustrating another embodiment of one or morecommunication systems supporting a KMS according to various embodimentsof the present invention;

FIG. 2B is a diagram illustrating another embodiment of one or morecommunication systems supporting a KMS according to various embodimentsof the present invention;

FIG. 3A is a diagram illustrating another embodiment of one or morecommunication systems supporting a KMS according to various embodimentsof the present invention;

FIG. 3B is a diagram illustrating an embodiment of one or morecommunication systems supporting a KMS based on an ObliviousPseudorandom Function (OPRF) according to various embodiments of thepresent invention;

FIG. 4A is a diagram illustrating an embodiment of one or morecommunication systems supporting key protect with obliviousnessaccording to various embodiments of the present invention;

FIG. 4B is a diagram illustrating an embodiment of one or morecommunication systems supporting Hardware Security Module (HSM)integration according to various embodiments of the present invention;

FIG. 4C is a diagram illustrating an embodiment of key hierarchies asmay be used in accordance with a KMS according to various embodiments ofthe present invention;

FIG. 5 is a diagram illustrating an embodiment of a method for executionby one or more computing devices according to various embodiments of thepresent invention;

FIG. 6 is a diagram illustrating an embodiment of one or morecommunication systems supporting a KMS based on a Partially-ObliviousPseudorandom Function (P-OPRF) according to various embodiments of thepresent invention;

FIG. 7 is a diagram illustrating an embodiment of a method for executionby one or more computing devices according to various embodiments of thepresent invention;

FIG. 8 is a diagram illustrating an embodiment of one or morecommunication systems supporting a KMS based on a ThresholdPartially-Oblivious Pseudorandom Function (TP-OPRF) according to variousembodiments of the present invention;

FIG. 9 is a diagram illustrating an embodiment of a method for executionby one or more computing devices according to various embodiments of thepresent invention;

FIG. 10 depicts a cloud computing environment according to variousembodiments of the present invention;

FIG. 11 depicts abstraction model layers according to variousembodiments of the present invention; and

FIG. 12 depicts a block diagram of a computing device according tovarious embodiments of the present invention.

DETAILED DESCRIPTION

According to an embodiment of the present invention, one or moreThreshold Oblivious Pseudorandom Functions (T-OPRF s) and/or ThresholdPartially-Oblivious Pseudorandom Functions (TP-OPRFs) are used toservice one or more keys such as may be used to access secureinformation. For example, a number of computing devices (referred to asshareholder computing devices in certain examples, embodiments, etc.herein) distributedly store and hold different respective portions orshares of the overall OPRF key (alternatively Partially-ObliviousPseudorandom Function (P-OPRF) or Threshold Partially-ObliviousPseudorandom Function (TP-OPRF), depending on a desired implementation).This disclosure presents, among other things, a computer-implementedmethod, a system, and a computer program product for architecture,implementation, operation, functionality, and processing of a verycomputationally efficient one or more Key Management Systems (KMSs) thatoperate based on one or more Threshold Partially-Oblivious PseudorandomFunctions (TP-OPRF s).

FIG. 1A is a diagram illustrating an embodiment 100 of one or morecommunication systems supporting a Key Management System (KMS) accordingto various embodiments of the present invention. One or more computingdevices (e.g., computing device 110, computing device 112, etc.) isconfigured to support communications via one or more other computingdevices and/or one or more network segments 116. In one example, thecomputing device 110 is in communication with a computing device 112 viathe one or more network segments 116. For example, the computing device110 is associated with a first user, and the computing device 112 isassociated with a second user. The one or more network segments 116 maybe implemented in accordance with a cloud computing environment 50 suchas described with reference to FIG. 9, and one or more network segments116 may include one or more other computing devices therein (e.g.,nodes, routers, gateways, servers, relays, transcoders, etc.) in someexamples and/or embodiments.

The computing device 110 is configured to access secure information(e.g., secure, private, encrypted, etc. data, keys, etc.) based on oneor more keys. Examples of such keys may be of various types includingone or more of a Data Encryption Key (DEK), Key Encryption Key (KEK),Wrapped Data Encryption Key (WDEK), Master Key Encryption Key (M-KEK),Instance Key Encryption Key (I-KEK), Customer Root Key (CRK), and/or anyother type of key including those associated with and used to encryptinformation, etc.

For example, once a key is generated, the computing device 110 may beconfigured to use that key to access secure information that is storedwithin the one or more network segments 116 and/or stored within acloud-based technology that is based on or accessible via the one ormore network segments 116. For example, the computing device 110requests encrypted data that is stored by a cloud provider, receivesthat encrypted data that is stored by that cloud provider, and then usesthe key to decrypt that encrypted data.

In general, in accordance with such security, encryption, etc., a key isused by the computing device 110 to access secure information (e.g.,data, keys, etc.) that are kept unavailable to others that do not havethe key. In general, a Key Management System (KMS) may be viewed asbeing a system for managing, reliably maintaining, and controllingaccess to keys on behalf computing devices, users, and/or applications,etc. High availability and durability is critical for a KMS. Forexample, considering a particular instance, if the KMS fails, anyattempt to restore data encrypted with keys managed by the KMS will alsofail. Security and proper access control enforcement and auditing isalso essential. For example, if the wrong entity (e.g., an unauthorizedentity) acquires a key from the KMS, the KMS has effectively disclosedto that party all data, keys, etc. encrypted under that key.

Communications between the respective communication devices in thisdiagram and also in other embodiments, examples, diagrams, etc. hereinmay include any one or more of communications, signals, blinded values,blinded keys, arbitrary exposed values and/or portions thereof,challenges, and/or other types of communications.

In an example of operation, computing device 110 is configured toprocess an input value that is associated with a key based on a blindingkey in accordance with a Threshold Partially-Oblivious PseudorandomFunction (TP-OPRF) blinding operation to generate a blinded input. Thecomputing device 110 is also configured to select a threshold number ofshareholder computing devices that are associated with a Key ManagementSystem (KMS) service (e.g., shown as KMS service 121 and one or morecomputing devices therein such as associated with KMS service 121athrough KMS service 121b, which may be co-located, located remotely withrespect to each other, etc.). Note that a TP-OPRF key includes aplurality of unique PRF keys that are distributedly stored among aplurality of shareholder computing devices. Also, the threshold numberof shareholder computing devices includes fewer than all of theplurality of shareholder computing devices in some examples. In otherexamples, the threshold number of shareholder computing devices includesall of the plurality of shareholder computing devices (e.g., thethreshold number of shareholder computing devices is same as theplurality of shareholder computing devices).

The computing device 110 is also configured to transmit (e.g., via thecommunication system, via the one or more network segments 116, via acloud computing environment, etc.) the blinded input to at least thethreshold number of shareholder computing devices associated with theKMS service (e.g., to a sufficient number of the one or more computingdevices therein such as associated with the KMS service 121a through KMSservice 121b to comply with the at least the threshold number ofshareholder computing devices associated with the KMS service).

The computing device 110 is also configured to receive (e.g., via thecommunication system, via the one or more network segments 116, via acloud computing environment, etc.) at least a threshold number ofblinded output components from the at least the threshold number ofshareholder computing devices associated with the KMS service. Note thata blinded output component of the at least the threshold number ofblinded output components is based on processing of the blinded inputbased on a Partially-Oblivious Pseudorandom Function (P-OPRF) using aunique share of a P-OPRF secret and an arbitrary exposed message by ashareholder computing device of the plurality of shareholder computingdevices. Also, note that the arbitrary exposed message is known to theshareholder computing device of the plurality of shareholder computingdevices, and the unique share of the P-OPRF secret is associated withthe shareholder computing device of the plurality of shareholdercomputing devices.

The computing device 110 is also configured to process the at least thethreshold number of blinded output components to generate a blindedoutput. The computing device 110 is also configured to process theblinded output based on the blinding key in accordance with a TP-OPRFunblinding operation to generate the key (e.g., that is associated withthe input value).

The computing device 110 is also configured to access secure informationbased on the key. For example, the computing device 110 is configured tofacilitate and/or perform processing of secure information based on thekey. In some examples, the computing device 110 is configured facilitateand/or perform access of secure information based on the key. In someexamples, the computing device 110 is configured to use the key toaccess secure information (e.g., via the communication system such asvia the one or more network segments 116, based on locally availableand/or stored secure information, and/or combination thereof, etc.).Alternatively, the computing device 110 is configured to facilitateand/or perform encryption of data using the key. In other examples, thecomputing device 110 is configured to facilitate and/or performdecryption of encrypted data using the key.

FIG. 1B is a diagram illustrating an embodiment 102 of one or morecommunication systems according to various embodiments of the presentinvention. One or more network segments 116 provide communicationinter-connectivity for at least two computing devices 110 and 112 (e.g.,such computing devices may be implemented and operative to supportcommunications with other computing devices in certain examples, andsuch computing devices may alternatively be referred to as communicationdevices in such situations including both computing device andcommunication device functionality and capability). Generally speaking,any desired number of communication devices are included within one ormore communication systems (e.g., as shown by computing device 114).

The various communication links within the one or more network segments116 may be implemented using any of a variety of communication mediaincluding communication links implemented as wireless, wired, optical,satellite, microwave, and/or any combination thereof, etc. communicationlinks. In general, the one or more network segments 116 may beimplemented to support a wireless communication system, a wire linedcommunication system, a non-public intranet system, a public internetsystem, a local area network (LAN), a wireless local area network(WLAN), a wide area network (WAN), a satellite communication system, afiber-optic communication system, and/or a mobile communication system.Also, in some instances, communication links of different types maycooperatively form a connection pathway between any two communicationdevices. Considering one possible example, a communication pathwaybetween devices 110 and 112 may include some segments of wiredcommunication links and other segments of optical communication links.Note also that the devices 110-114 may be of a variety of types ofdevices including stationary devices, mobile devices, portable devices,etc. and may support communications for any of a number of services orservice flows including data, telephony, television, Internet, media,synchronization, etc.

In an example of operation and implementation, device 110 includes acommunication interface to support communications with one or more ofthe other devices 112-114. In an example, the computing device 110includes a communication interface configured to interface andcommunicate with a communication network (e.g., the one or more networksegments 116), memory that stores operational instructions, and aprocessor coupled to the communication interface and to the memory. Theprocessor is configured to execute the operational instructions toperform various functions, operations, etc. Note that the communicationsupported by the computing device 110 may be bidirectional/to and fromthe one or more of the other computing devices 112-114 or unidirectional(or primarily unidirectional) from the one or more of the othercomputing devices 112-114.

In one example, computing device 110 includes a processor thatgenerates, modulates, encodes, etc. and transmits signals via acommunication interface of the computing device 110 and also receivesand processes, demodulates, decodes, etc. other signals received via thecommunication interface of the computing device 110 (e.g., received fromother computing devices such as computing device 112, computing device114, etc.).

Note also that the communication interface 120 may include functionalityto support receipt of user input and output of user output (e.g., via atouchscreen, a keyboard, audio and/or video input/output ports, etc.) tofacilitate interaction with one or more users of the computing device110-1. Such functionality is implemented separately from thecommunication interface 120 in some examples and is integrated into thecommunication interface 120 in other examples.

In an example of operation, computing device 110 is configured toprocess an input value that is associated with a key based on a blindingkey in accordance with a TP-OPRF blinding operation to generate ablinded input. The computing device 110 is also configured to select athreshold number of shareholder computing devices that are associatedwith a KMS service (e.g., shown as one or more computing devices 112through 114 therein such as associated with a KMS service, which may beco-located, located remotely with respect to each other, etc.). Notethat a TP-OPRF key includes a plurality of unique PRF keys that aredistributedly stored among a plurality of shareholder computing devices.Also, the threshold number of shareholder computing devices includesfewer than all of the plurality of shareholder computing devices in someexamples. In other examples, the threshold number of shareholdercomputing devices includes all of the plurality of shareholder computingdevices (e.g., the threshold number of shareholder computing devices issame as the plurality of shareholder computing devices).

The computing device 110 is also configured to transmit (e.g., via thecommunication system, via the one or more network segments 116, via acloud computing environment, etc.) the blinded input to at least thethreshold number of shareholder computing devices associated with theKMS service (e.g., to a sufficient number of the one or more computingdevices 112 through 114 therein such as associated with the KMS serviceto comply with the at least the threshold number of shareholdercomputing devices associated with the KMS service).

The computing device 110 is also configured to receive (e.g., via thecommunication system, via the one or more network segments 116, via acloud computing environment, etc.) at least a threshold number ofblinded output components from the at least the threshold number ofshareholder computing devices associated with the KMS service. Note thata blinded output component of the at least the threshold number ofblinded output components is based on processing of the blinded inputbased on a Partially-Oblivious Pseudorandom Function (P-OPRF) using aunique share of a P-OPRF secret and an arbitrary exposed message by ashareholder computing device (e.g., computing device 112) of theplurality of shareholder computing devices (e.g., computing devices 112through 114). Also, note that the arbitrary exposed message is known tothe shareholder computing device (e.g., computing device 112) of theplurality of shareholder computing devices, and the unique share of theP-OPRF secret is associated with the shareholder computing device (e.g.,computing device 112) of the plurality of shareholder computing devices(e.g., computing devices 112 through 114).

The computing device 110 is also configured to process the at least thethreshold number of blinded output components to generate a blindedoutput. The computing device 110 is also configured to process theblinded output based on the blinding key in accordance with a TP-OPRFunblinding operation to generate the key (e.g., that is associated withthe input value).

The computing device 110 is also configured to access secure informationbased on the key. For example, the computing device 110 is configured tofacilitate and/or perform processing of secure information based on thekey. In some examples, the computing device 110 is configured facilitateand/or perform access of secure information based on the key.Alternatively, the computing device 110 is configured to facilitateand/or perform encryption of data using the key. In other examples, thecomputing device 110 is configured to facilitate and/or performdecryption of encrypted data using the key. In some examples, thecomputing device 110 is configured to use the key to access secureinformation (e.g., via the communication system, based on locallyavailable and/or stored secure information, and/or combination thereof,etc.).

FIG. 1C is a diagram illustrating an embodiment 103 of a computingdevice configured to operate within one or more communication systemsaccording to various embodiments of the present invention. The computingdevice 110-1 includes a communication interface 120 and processingcircuitry 130. The communication interface 120 includes functionality ofa transmitter 122 and a receiver 124 to support communications with oneor more other devices within a communication system. The computingdevice 110-1 may also include memory 140 to store information includingone or more signals generated by the computing device 110-1 or suchinformation received from other devices (e.g., computing device 112) viaone or more communication channels. For example, memory 140 may alsoinclude and store various operational instructions for use by theprocessing circuitry 130 in regards to the processing of messages and/orother received signals and generation of other messages and/or othersignals including those described herein (e.g., image and/or videosignals). Memory 140 may also store information including one or moretypes of encoding, one or more types of symbol mapping, concatenation ofvarious modulation coding schemes, etc. as may be generated by thecomputing device 110-1 or such information received from other devicesvia one or more communication channels. The communication interface 120supports communications to and from one or more other devices (e.g.,computing device 112-1 and/or other computing devices). Memory 140 mayalso store information including one or more types of video and/or imageprocessing in accordance with the various aspects, embodiments, and/orexamples, and their equivalents, described herein.

Operation of the communication interface 120 may be directed by theprocessing circuitry 130 such that processing circuitry 130 transmitsand receives signals (TX(s) and RX(s)) via the communication interface120. Generally speaking, computing device 110-1 is able to supportcommunications with one or more other computing device within one ormore communication systems including computing device 112-2.

A computing device 110-1 (e.g., which may be any one of computingdevices 110, 112, or 114 as with reference to FIG. 1B) is incommunication with another computing device 112-1 (and/or any number ofother wireless computing devices) via a communication medium. Thecomputing device 110-1 includes a communication interface 120 to performtransmitting and receiving of at least one signal, symbol, packet,and/or frame, etc. (e.g., using a transmitter 122 and a receiver 124)(note that general reference to packet or frame may be usedinterchangeably).

Generally speaking, the communication interface 120 is implemented toperform any such operations of an analog front end (AFE) and/or physicallayer (PHY) transmitter, receiver, and/or transceiver. Examples of suchoperations may include any one or more of various operations includingconversions between the frequency and analog or continuous time domains(e.g., such as the operations performed by a digital to analog converter(DAC) and/or an analog to digital converter (ADC)), gain adjustmentincluding scaling, filtering (e.g., in either the digital or analogdomains), frequency conversion (e.g., such as frequency upscaling and/orfrequency downscaling, such as to a baseband frequency at which one ormore of the components of the computing device 110-1 operates),equalization, pre-equalization, metric generation, symbol mapping and/orde-mapping, automatic gain control (AGC) operations, and/or any otheroperations that may be performed by an AFE and/or PHY component within acomputing device.

In some implementations, the computing device 110-1 also includes aprocessing circuitry 130, and an associated memory 140, to executevarious operations including interpreting at least one signal, symbol,packet, and/or frame transmitted to computing device 112-1 and/orreceived from the computing device 112-1 and/or any other computingdevice. The computing devices 110-1 and 112-1 may be implemented usingat least one integrated circuit in accordance with any desiredconfiguration or combination of components, modules, etc. within atleast one integrated circuit. Also, the computing devices 110 and/or 112may each include one or more antennas for transmitting and/or receivingof at least one packet or frame wirelessly (e.g., computing device 110-1may include m antennas, and computing device 112-1 may include nantennas, where m and n are positive integers).

Also, in some examples, note that one or more of the processingcircuitry 130, the communication interface 120 (including the TX 122and/or RX 124 thereof), and/or the memory 140 may be implemented in oneor more “processing modules,” “processing circuits,” “processors,”and/or “processing units” or their equivalents. Considering one example,a system-on-a-chip (SOC) 130 a may be implemented to include theprocessing circuitry 130, the communication interface 120 (including theTX 122 and/or RX 124 thereof), and the memory 140 (e.g., SOC 130 a beinga multi-functional, multi-module integrated circuit that includesmultiple components therein). Considering another example,processing-memory circuitry 130 b may be implemented to includefunctionality similar to both the processing circuitry 130 and thememory 140 yet the communication interface 120 is a separate circuitry(e.g., processing-memory circuitry 130 b is a single integrated circuitthat performs functionality of a processing circuitry and a memory andis coupled to and also interacts with the communication interface 120).

Considering even another example, two or more processing circuitries maybe implemented to include the processing circuitry 130, thecommunication interface 120 (including the TX 122 and/or RX 124thereof), and the memory 140. In such examples, such a “processingcircuitry,” “processing circuitry,” or “processing circuitries” (or“processor” or “processors”) is/are configured to perform variousoperations, functions, communications, etc. as described herein. Ingeneral, the various elements, components, etc. shown within thecomputing device 110-1 may be implemented in any number of “processingmodules,” “processing circuits,” “processors,” and/or “processing units”(e.g., 1, 2, . . . , and generally using N such “processing modules,”“processing circuits,” “processors,” and/or “processing units”, where Nis a positive integer greater than or equal to 1).

In some examples, the computing device 110-1 includes both processingcircuitry 130 and communication interface 120 configured to performvarious operations. In other examples, the computing device 110-1includes SOC 130 a configured to perform various operations. In evenother examples, the computing device 110-1 includes processing-memorycircuitry 130 b configured to perform various operations. Generally,such operations include generating, transmitting, etc. signals intendedfor one or more other computing device (e.g., computing device 112-1)and receiving, processing, etc. other signals received for one or moreother devices (e.g., computing device 112-1).

In some examples, note that the communication interface 120, which iscoupled to the processing circuitry 130, is configured to supportcommunications within a satellite communication system, a wirelesscommunication system, a wired communication system, a fiber-opticcommunication system, and/or a mobile communication system (and/or anyother type of communication system implemented using any type ofcommunication medium or media). Any of the signals generated andtransmitted and/or received and processed by the computing device 110-1may be communicated via any of these types of communication systems.

Note that computing device 110-1 may be implemented to operate as anyone or more of a satellite communication device, a wirelesscommunication device, a wired communication device, a fiber-opticcommunication device, or a mobile communication device and implementedand/or operative within any one or more communication systems includinga satellite communication system, a wireless communication system, awired communication system, a fiber-optic communication system, or amobile communication system, among other types of communication systems.

In an example of operation and implementation, a computing deviceincludes a communication interface 120 configured to interface andcommunicate with a communication network, memory 140 that storesoperational instructions, and processing circuitry 130 coupled to thecommunication interface and to the memory.

The processing circuitry 130 is configured to execute the operationalinstructions to perform various functions, operations, and processes(sometimes in cooperation with the communication interface 120 and/orthe memory 140).

In an example of operation, processing circuitry 130 is configured toprocess an input value that is associated with a key based on a blindingkey in accordance with a TP-OPRF blinding operation to generate ablinded input. The processing circuitry 130 is also configured to selecta threshold number of shareholder computing devices that are associatedwith a KMS service (e.g., shown as one or more computing devices 112-1through 112-2 therein such as associated with a KMS service, which maybe co-located, located remotely with respect to each other, etc.). Notethat a TP-OPRF key includes a plurality of unique PRF keys that aredistributedly stored among a plurality of shareholder computing devices.Also, the threshold number of shareholder computing devices includesfewer than all of the plurality of shareholder computing devices in someexamples. In other examples, the threshold number of shareholdercomputing devices includes all of the plurality of shareholder computingdevices (e.g., the threshold number of shareholder computing devices issame as the plurality of shareholder computing devices).

The processing circuitry 130 is also configured to transmit (e.g., viathe communication system, via a cloud computing environment, etc.) theblinded input to at least the threshold number of shareholder computingdevices associated with the KMS service (e.g., to a sufficient number ofthe one or more computing devices 112 through 114 therein such asassociated with the KMS service to comply with the at least thethreshold number of shareholder computing devices associated with theKMS service).

The processing circuitry 130 is also configured to receive (e.g., viathe communication system, via a cloud computing environment, etc.) atleast a threshold number of blinded output components from the at leastthe threshold number of shareholder computing devices associated withthe KMS service. Note that a blinded output component of the at leastthe threshold number of blinded output components is based on processingof the blinded input based on a Partially-Oblivious PseudorandomFunction (P-OPRF) using a unique share of a P-OPRF secret and anarbitrary exposed message by a shareholder computing device (e.g.,computing device 112) of the plurality of shareholder computing devices(e.g., computing devices 112-1 through 112-2). Also, note that thearbitrary exposed message is known to the shareholder computing device(e.g., computing device 112-1) of the plurality of shareholder computingdevices, and the unique share of the P-OPRF secret is associated withthe shareholder computing device (e.g., computing device 112-1) of theplurality of shareholder computing devices (e.g., computing devices112-1 through 112-2).

The processing circuitry 130 is also configured to process the at leastthe threshold number of blinded output components to generate a blindedoutput. The processing circuitry 130 is also configured to process theblinded output based on the blinding key in accordance with a TP-OPRFunblinding operation to generate the key (e.g., that is associated withthe input value).

The processing circuitry 130 is also configured to access secureinformation based on the key. For example, the processing circuitry 130is configured to facilitate and/or perform processing of secureinformation based on the key. In some examples, the processing circuitry130 is configured facilitate and/or perform access of secure informationbased on the key. Alternatively, the processing circuitry 130 isconfigured to facilitate and/or perform encryption of data using thekey. In other examples, the processing circuitry 130 is configured tofacilitate and/or perform decryption of encrypted data using the key. Insome examples, the processing circuitry 130 is configured to use the keyto access secure information (e.g., via the communication system, basedon locally available and/or stored secure information, and/orcombination thereof, etc.).

FIG. 1D is a diagram illustrating an embodiment 100 of a wirelesscommunication system according to various embodiments of the presentinvention. The wireless communication system includes one or more basestations and/or access points 150, wireless communication devices160-166 (e.g., wireless stations (STAs)), and a network hardwarecomponent 156. The wireless communication devices 160-166 may be laptopcomputers, or tablets, 160, personal digital assistants 162, personalcomputers 164 and/or cellular telephones 166 (and/or any other type ofwireless communication device). Other examples of such wirelesscommunication devices 160-166 could also or alternatively include othertypes of devices that include wireless communication capability (and/orother types of communication functionality such as wired communicationfunctionality, satellite communication functionality, fiber-opticcommunication functionality, etc.). Examples of wireless communicationdevices may include a wireless smart phone, a cellular phone, a laptop,a personal digital assistant, a tablet, a personal computers (PC), awork station, and/or a video game device.

Some examples of possible devices that may be implemented to operate inaccordance with any of the various examples, embodiments, options,and/or their equivalents, etc. described herein may include, but are notlimited by, appliances within homes, businesses, etc. such asrefrigerators, microwaves, heaters, heating systems, air conditioners,air conditioning systems, lighting control systems, and/or any othertypes of appliances, etc.; meters such as for natural gas service,electrical service, water service, Internet service, cable and/orsatellite television service, and/or any other types of meteringpurposes, etc.; devices wearable on a user or person including watches,monitors such as those that monitor activity level, bodily functionssuch as heartbeat, breathing, bodily activity, bodily motion or lackthereof, etc.; medical devices including intravenous (IV) medicinedelivery monitoring and/or controlling devices, blood monitoring devices(e.g., glucose monitoring devices) and/or any other types of medicaldevices, etc.; premises monitoring devices such as movementdetection/monitoring devices, door closed/ajar detection/monitoringdevices, security/alarm system monitoring devices, and/or any other typeof premises monitoring devices; multimedia devices includingtelevisions, computers, audio playback devices, video playback devices,and/or any other type of multimedia devices, etc.; and/or generally anyother type(s) of device(s) that include(s) wireless communicationcapability, functionality, circuitry, etc. In general, any device thatis implemented to support wireless communications may be implemented tooperate in accordance with any of the various examples, embodiments,options, and/or their equivalents, etc. described herein.

The one or more base stations (BSs) or access points (APs) 150 areoperably coupled to the network hardware 156 via local area networkconnection 152. The network hardware 156, which may be a router, switch,bridge, modem, system controller, etc., provides a wide area networkconnection 154 for the communication system. Each of the one or morebase stations or access points 150 has an associated antenna or antennaarray to communicate with the wireless communication devices in itsarea. Typically, the wireless communication devices register with aparticular base station or access point 150 to receive services from thecommunication system. For direct connections (i.e., point-to-pointcommunications), wireless communication devices communicate directly viaan allocated channel.

Any of the various wireless communication devices (WDEVs) 160-166 andone or more BSs or APs 150 may include a processing circuitry and/or acommunication interface to support communications with any other of thewireless communication devices 160-166 and one or more BSs or APs 150.In an example of operation, a processing circuitry and/or acommunication interface implemented within one of the devices (e.g., anyone of the WDEVs 160-166 and one or more BSs or APs 150) is/areconfigured to process at least one signal received from and/or togenerate at least one signal to be transmitted to another one of thedevices (e.g., any other one of the one or more WDEVs 160-166 and one ormore BSs or APs 150).

Note that general reference to a communication device, such as awireless communication device (e.g., WDEVs) 160-166 and one or more BSsor APs 150 in FIG. 1D, or any other communication devices and/orwireless communication devices may alternatively be made generallyherein using the term ‘device’ (e.g., “device” when referring to“wireless communication device” or “WDEV”). Generally, such generalreferences or designations of devices may be used interchangeably.

The processing circuitry and/or the communication interface of any oneof the various devices, WDEVs 160-166 and one or more BSs or APs 150,may be configured to support communications with any other of thevarious devices, WDEVs 160-166 and one or more BSs or APs 150. Suchcommunications may be uni-directional or bi-directional between devices.Also, such communications may be uni-directional between devices at onetime and bi-directional between those devices at another time.

In an example, a device (e.g., any one of the WDEVs 160-166 and one ormore BSs or APs 150) includes a communication interface and/or aprocessing circuitry (and possibly other possible circuitries,components, elements, etc.) to support communications with otherdevice(s) and to generate and process signals for such communications.The communication interface and/or the processing circuitry operate toperform various operations and functions to effectuate suchcommunications (e.g., the communication interface and the processingcircuitry may be configured to perform certain operation(s) inconjunction with one another, cooperatively, dependently with oneanother, etc. and other operation(s) separately, independently from oneanother, etc.). In some examples, such a processing circuitry includesall capability, functionality, and/or circuitry, etc. to perform suchoperations as described herein. In some other examples, such acommunication interface includes all capability, functionality, and/orcircuitry, etc. to perform such operations as described herein. In evenother examples, such a processing circuitry and a communicationinterface include all capability, functionality, and/or circuitry, etc.to perform such operations as described herein, at least in part,cooperatively with one another.

In an example of implementation and operation, a wireless communicationdevice (e.g., any one of the WDEVs 160-166 and one or more BSs or APs150) includes a processing circuitry to support communications with oneor more of the other wireless communication devices (e.g., any other ofthe WDEVs 160-166 and one or more BSs or APs 150). For example, such aprocessing circuitry is configured to perform both processing operationsas well as communication interface related functionality. Such aprocessing circuitry may be implemented as a single integrated circuit,a system on a chip, etc.

In another example of implementation and operation, a wirelesscommunication device (e.g., any one of the WDEVs 160-166 and one or moreBSs or APs 150) includes a processing circuitry, a communicationinterface, and a memory configured to support communications with one ormore of the other wireless communication devices (e.g., any other of theWDEVs 160-166 and one or more BSs or APs 150).

In an example of operation, WDEV 160 is configured to process an inputvalue that is associated with a key based on a blinding key inaccordance with a TP-OPRF blinding operation to generate a blindedinput. The WDEV 160 is also configured to select a threshold number ofshareholder computing devices that are associated with a KMS service(e.g., shown as one or more other of the WDEVs 160-166 therein such asassociated with a KMS service, which may be co-located, located remotelywith respect to each other, etc. and/or one or more other devices,computing devices, communication devices, etc. such as may be accessiblevia the one or more BSs or APs 150 and/or network hardware 156, and/orWAN connection 154). Note that a TP-OPRF key includes a plurality ofunique PRF keys that are distributedly stored among a plurality ofshareholder computing devices. Also, the threshold number of shareholdercomputing devices includes fewer than all of the plurality ofshareholder computing devices in some examples. In other examples, thethreshold number of shareholder computing devices includes all of theplurality of shareholder computing devices (e.g., the threshold numberof shareholder computing devices is same as the plurality of shareholdercomputing devices).

The WDEV 160 is also configured to transmit (e.g., via the communicationsystem, via a cloud computing environment, etc.) the blinded input to atleast the threshold number of shareholder computing devices associatedwith the KMS service (e.g., to a sufficient number of the one or moreother of the WDEVs 160-166 therein such as associated with a KMSservice, and/or one or more other devices, computing devices,communication devices, etc. such as may be accessible via the one ormore BSs or APs 150 and/or network hardware 156, and/or WAN connection154 such as associated with the KMS service to comply with the at leastthe threshold number of shareholder computing devices associated withthe KMS service).

The WDEV 160 is also configured to receive (e.g., via the communicationsystem, via a cloud computing environment, etc.) at least a thresholdnumber of blinded output components from the at least the thresholdnumber of shareholder computing devices associated with the KMS service.Note that a blinded output component of the at least the thresholdnumber of blinded output components is based on processing of theblinded input based on a Partially-Oblivious Pseudorandom Function(P-OPRF) using a unique share of a P-OPRF secret and an arbitraryexposed message by a shareholder computing device (e.g., WDEV 162) ofthe plurality of shareholder computing devices (e.g., one or more otherof the WDEVs 160-166). Also, note that the arbitrary exposed message isknown to the shareholder computing device (e.g., WDEV 162) of theplurality of shareholder computing devices, and the unique share of theP-OPRF secret is associated with the shareholder computing device (e.g.,WDEV 162) of the plurality of shareholder computing devices (e.g., oneor more other of the WDEVs 160-166).

The WDEV 160 is also configured to process the at least the thresholdnumber of blinded output components to generate a blinded output. TheWDEV 160 is also configured to process the blinded output based on theblinding key in accordance with a TP-OPRF unblinding operation togenerate the key (e.g., that is associated with the input value).

The WDEV 160 is also configured to access secure information based onthe key. For example, the WDEV 160 is configured to facilitate and/orperform processing of secure information based on the key. In someexamples, the WDEV 160 is configured facilitate and/or perform access ofsecure information based on the key. Alternatively, the WDEV 160 isconfigured to facilitate and/or perform encryption of data using thekey. In other examples, the WDEV 160 is configured to facilitate and/orperform decryption of encrypted data using the key. In some examples,the WDEV 160 is configured to use the key to access secure information(e.g., via the communication system, based on locally available and/orstored secure information, and/or combination thereof, etc.).

FIG. 2A is a diagram illustrating another embodiment 201 of one or morecommunication systems supporting a KMS according to various embodimentsof the present invention. This diagram shows a computing device 110 thatis configured to interact with a cloud storage service 210 and a cloudKey Management System (KMS) service 220 that are both implemented withinthe same environment (e.g., one or more network segments 116 that may beimplemented as a cloud computing environment, a cloud provider, etc.).The cloud storage service 210 may include various types of one or moresecure information 210 a (e.g., key protected data, wrapped key, etc.and/or other secure information). The cloud KMS service 220 may includeone or more keys 220 a that may be used by one of more users associatedwith one or more computing devices to access the various types of one ormore secure information 210a.

In this implementation, when the same cloud provider is used for boththe cloud storage service 210 and the cloud KMS service 220, a maliciousinsider or corrupt cloud provider could access tenant data. As such,trust requirements are maximized in order to ensure the security of thedata. For example, a customer using the same provider for both services(e.g., the cloud storage service 210 and the cloud KMS service 220)requires that they have complete confidence in that provider and itsprocesses.

FIG. 2B is a diagram illustrating another embodiment 202 of one or morecommunication systems supporting a KMS according to various embodimentsof the present invention. This diagram shows a computing device 110 thatis configured to interact with a cloud storage service 210 and a cloudKMS service 220 that are separately implemented within differentenvironments (e.g., the cloud storage service 210 implemented based onone or more network segments 116 that may be implemented as a firstcloud computing environment, a cloud provider, etc., and the KMS service220 based on one or more network segments 116a that may be implementedas a second cloud computing environment, a cloud provider, etc.).Similarly as described above, the cloud storage service 210 may includevarious types of one or more secure information 210 a (e.g., keyprotected data, wrapped key, etc. and/or other secure information), andthe cloud KMS service 220 may include one or more keys 220 a that may beused by one of more users associated with one or more computing devicesto access the various types of one or more secure information 210 a.

In this implementation, when two separate and distinct cloud providersare used for the cloud storage service 210 and a cloud KMS service 220,respectively, there can be higher complexity of the overall system, andthere can be a likelihood of incompatible Application Program Interfaces(APIs). As such certain interoperability issues and other problems mayemerge. For example, note that while customer doesn't necessarily needto have complete trust in any one specific provider, this implementationcan unfortunately introduce a number of interoperability issues. Forexample, APIs and libraries for interfacing between the two services maynot be compatible. Also, functions such as “Server Side Encryption”(SSE) may not work at all in such an implementation.

FIG. 3A is a diagram illustrating another embodiment 301 of one or morecommunication systems supporting a KMS according to various embodimentsof the present invention. This diagram shows a computing device 110 thatis configured to interact with a cloud storage service 310 and aninternal KMS service 320 a that may be implemented at a tenant premises330. For example, the tenant premises 330 may be located remotely fromthe computing device 110 and is accessible via one or more networksegments 116 that may be implemented as a cloud computing environment, acloud provider, etc. Similarly as described above with respect to otherembodiments and examples, the cloud storage service 310 may includevarious types of one or more secure information 310 a (e.g., keyprotected data, wrapped key, etc. and/or other secure information), andthe internal KMS service 320 may include one or more keys 320 b that maybe used by one of more users associated with one or more computingdevices to access the various types of one or more secure information310 a.

In this implementation, when a tenant uses cloud storage (e.g., cloudstorage service 310) to operate with an internal KMS service 320, thecustomer needs not necessarily have complete trust with the cloudprovider, but such an implementation can require significant processes,expertise and expense to manage one's own KMS. Such an implementationcan be very expensive.

For example, this diagram shows an implementation of a user of the cloudthat may have little to no trust in the cloud provider to protect thesecurity of its one or more keys. For example, such a user may trust acloud storage provider to store encrypted data, yet that user trusts nocloud provider with holding of its one or more keys. In thisimplementation, while the user doesn't necessarily have to trust thecloud provider, the implementation can be problematic for variousreasons including being very expensive, requiring a rare expertise,special-purpose equipment, requiring disaster recovery plan(s), trustedstaff, and rigorous policies. Without these, it is very likely to beless reliable or less secure in practice than a cloud KMS.

Many such implementations of KMSs based on cloud-based technologiessuffer for various reasons including requiring placing significant trustin a single provider and/or requiring the maintenance of one's own KMSinfrastructure. This disclosure addresses such deficiencies and problemsin the prior art including to provide a KMS that does not require anytrust in the cloud provider and also needs no KMS infrastructure in thetenant premises. Such novel solutions as presented herein minimizes anyrequired trust in a KMS service provider. For example, the one or morekeys never leave customer premises, and the KMS service provider neversees those one or more keys. Also, no one can access the one or morekeys without authenticating to the KMS provider. In addition, such novelsolutions as presented herein provides for post-quantum security, inthat, even with the advent of quantum capability of performing nearlimitless computation operations, the novel implementation as presentedherein is immune to such advances in computing technology as may betargeted for hacking, invasive processes, etc. For example, a novel keyaccess protocol approach as presented herein is immune from attackerswith unlimited computational resources, including those with quantumcomputers.

Also, within such novel solutions as presented herein, the security ofthe keys if not dependent on the security of one or more communicationchannels over which communications are made. For example, some prior artapproaches operate based on Transport Layer Security (TLS) and/or othermeans by to effectuate secure communications.

In addition, such novel solutions as presented herein provides foreverlasting security, in that, the one or more keys remain secure. Forexample, even in the unfortunate event in which a KMS service provideris completely breached, the one or more keys remain totally secure. Notethat some implementations may be implemented as requiring unpredictablekey identifiers (ids) (e.g., using a “key id as a second factor”). Suchnovel solutions as presented herein obviates the requirement to havefull and complete trust in a KMS service provider in terms of using orexposing the one of more keys the user wants the KMS service provider tostore. The user may still seek a KMS service provider that does providea highly available/reliable system, but the trust in that same KMSservice provider to trust fully the KMS service provider in terms ofusing or exposing the one of more keys is obviated.

In an implementation when the tenant of a cloud KMS service providertrusts the provider with his keys, the tenant may operate by eitherstoring them for later retrieval or in unwrapping them. In both cases,the cloud KMS service provider will sees the tenant's keys. Such novelsolutions as presented herein provides for a means by which the cloudKMS service provider will never see the tenant's keys.

FIG. 3B is a diagram illustrating an embodiment 302 of one or morecommunication systems supporting a KMS based on an ObliviousPseudorandom Function (OPRF) according to various embodiments of thepresent invention. An OPRF enables the tenant to get keys from the CloudKMS provider. The property of obliviousness ensures the provider iscryptographically, mathematically, and provably not able to see ordetermine the keys. With respect to this diagram note that the “+” and“−” operations depicted therein are not arithmetical addition andsubtraction per se. These operations may be exponentiation modulo aprime, or multiplication over an elliptic curve, or some otheroperations.

Considering an OPRF, an OPRF allows two parties to evaluate a function,Y, as follows:

Y=OPRF(K, X)

The OPRF secret K is only known to “Bob”; Alice can't determine it.

Output Y and input X are only known to “Alice”; Bob can't determineeither.

An Oblivious PRF enables an ideal Cloud KMS:

The tenant uses “X” as a “key id” and “Y” as the key (DEK or KEK)

The OPRF guarantees the provider learns nothing about the key

The provider holds the OPRF secret: “K”, functioning as a “CRK”

The OPRF can be viewed a key derivation that occurs on a blinded value(e.g., on a homomorphically encrypted cipher text). Note that certainexamples herein are described with respect to an OPRF blinding operationthat is performed using homomorphic encryption (and a an OPRF unblindingoperation that is performed using homomorphic decryption), in general,any OPRF blinding/OPRF unblinding operation may be used such that theprocess that performs the OPRF blinding/OPRF unblinding operation areknown to client (e.g., user, computing device 110 such as “Alice,” andnot to “Bob”). One example of such OPRF blinding/OPRF unblindingoperation includes homomorphic encryption/homomorphic decryption.However, in general, any function may be used by the perform the OPRFblinding/OPRF unblinding operation to generate a blinded value that isunknown to the other computing device that is associated with the KMSservice (e.g., server/KMS service 121 (“Bob”)). For example, any desiredfunction or mapping of an input value to generate an unknown input value(unknown to the other computing device that is associated with the KMSservice such as server/KMS service 121 (“Bob”)). Then, the client (e.g.,user, computing device 110) knows how to perform the appropriate OPRFunblinding based on the OPRF blinding that was performed in thatinstance.

With respect to such an OPRF blinding operation that is performed usinghomomorphic encryption, the client (e.g., user, computing device 110)applies a homomorphic one-time-pad encryption key to an input value. Forexample, the client starts with some input value from which it wants toderive a key. For example, this input value could be a key id. Theclient then encrypts the input value with a one-time-pad encryption key(e.g., homomorphic one-time-pad encryption). The one-time-pad encryptionkey is randomly generated for this key recovery only and is or may bethrown away afterwards (e.g., not saved for future use).

This is an OPRF blinding operation that is performed using homomorphicencryption, and a one-time-pad. Accordingly, the encrypted (or blinded)result reveals zero information about the input. This cipher text(blinded value) is then sent to the server/KMS service 121. Theserver/KMS service 121 uses the OPRF key (e.g., a Customer Root Key(CRK) in some examples, an OPRF secret) to perform a key derivationfunction on this cipher text and returns it to the user.

Because of the homomorphic properties of the encryption, when the client(e.g., user, computing device 110) decrypts the result from theserver/KMS service 121, it finds it gets the same value as had theserver performed its key derivation function directly against theplaintext value. This result is considered the key. The resulting key isequal to the key derivation function (KDF) (e.g., a deterministicfunction used to generate the key) applied to the input.

Note that even if the client had chosen a different random blinding key,note that the resulting key that would be generated would be the same.In fact, all possible blinded values are possible with any possibleinput value. This is why the server, and any eavesdroppers, gain noinformation about the input value or the derived key, from seeing whatgoes over the wire, network segment(s), cloud, etc. to the server/KMSservice 121.

Note that this is from of homomorphic encryption is a special-case formthat is extremely efficient and practical. Note also that HardwareSecurity Modules (HSMs) are quoted as capable of performing 10s ofthousands of such operations per second. CPUs can perform upwards ofhundreds of thousands per second.

Also, note that the Key is derived from the “Input Value” combined withthe “OPRF Key” (e.g., an OPRF secret). Note also that the holder of theOPRF Key, the server/KMS service 121, never sees the Input Value, northe Resulting key. This is enforced by a process of “Blinding” whereboth the input and the output are blinded in an informationtheoretically (quantum secure) way, such that the input and outputyields zero information about the Key, neither to the KMS service,hackers, or the NSA. The following steps may be viewed as effectuatingthis process and exchange between a client (e.g., user, computing device110) and server/KMS service 121:

1. Tenant generates random key: R

2. Tenant encrypts the “key id” using the random key: ER{key-id}

3. Tenant sends encrypted result to the Cloud KMS provider

4. Cloud KMS provider encrypts result with its own key: P

5. Cloud KMS provider returns the result to the tenant: EP {ER{key-id}}

6. Tenant decrypts it with his random key R to get: Ep{key-id}

In some examples, a computing device 110 (e.g., a client such asassociated with a user) is configured to process an input value that isassociated with a key based on a blinding key in accordance withhomomorphic encryption to generate a blinded value. The computing deviceis configured to transmit, via a communication system, the blinded valueto another computing device (server/KMS service 121) that is associatedwith a Key Management System (KMS) service. The computing device isconfigured to receive, via the communication system and from the othercomputing device (server/KMS service 121) that is associated with theKMS service, a blinded key. The blinded key is based on processing ofthe blinded value based on an OPRF using an OPRF secret. For example,the server/KMS service 121 is configured to on processing of the blindedvalue based on the OPRF using the OPRF secret. The computing device 110is then configured to process the blinded key based on the blinding keyin accordance with homomorphic decryption to generate the key that isassociated with the input value. In some examples, the computing device110 is also configured to access, via the communication system, secureinformation based on the key.

In an example of operation and implementation, once the key isgenerated, the computing device 110 uses that key to access secureinformation that is stored within a cloud-based technology that is basedon or accessible via the one or more network segments. For example, thecomputing device 110 requests encrypted data that is stored by a cloudprovider, receives that encrypted data that is stored by that cloudprovider, and then uses the key to decrypt that encrypted data.

Further understanding of an Oblivious Pseudorandom Function (OPRF) maybe made based on consideration of a Pseudorandom Function (PRF) (e.g.,that is not oblivious). A Pseudorandom Function (PRF) is a function thattakes two inputs:

1. a PRF key “K”; and

2. an arbitrary message “M”.

From these two inputs, the PRF returns a “pseudorandom” output. This isan output that is statistically indistinguishable from random output.Also, the output is infeasible to be predicted without knowledge of K.These two properties make PRFs well-suited for key derivation, that is,creating sub-keys from some top-level “root” key. For example, anunlimited number of sub-keys may be computed from a PRF as follows:

sub-key_1=PRF(K, “1”), sub-key_2=PRF(K, “2”), sub-key_3=PRF(K, “3”), . .. , sub-key_n=PRF(K, “n”)

This can simplify key management, as only a single top-level, or rootkey needs to be persisted while supporting a virtually unlimited numberof derived keys.

In a Key Management System (KMS), users of the KMS may interact with theKMS to obtain encryption keys. An example of operation between a KMSrequester (e.g., a computing device, a user such as associated with acomputing device, etc.) and a KMS unit (e.g., another computing device,a KMS service, etc.) is as follows:

1. The requester seeking to access a key sends a Key Access Request(KAR) to a KMS unit, the request can include any one or more of:

a. a requester identifier (requester ID);

b. a root key identifier (root key ID);

c. a sub-key identifier (sub-key ID);

d. authenticating information (e.g., credentials such as a password, atoken, a response to a challenge, a signature, a digital certificate,etc.); and/or

e. a challenge to the KMS unit (e.g., for the KMS unit to prove itsidentity or correctness of operation to the requester).

2. The KMS unit performs validation of the request, including any one ormore of:

a. Ensuring the credentials are correct for the requester identifier;and/or

b. Ensuring the requester is authorized to access a key derived from thegiven root key identifier.

3. If not authorized, the KMS unit returns an error response and maycreate an audit log of the failure or take other corrective actions. Ifthe request is authorized, the KMS unit proceeds to the next step.

4. The KMS unit processes the access request, by using the appropriateroot key (either the one indicated in the request, or by inferring itfrom other information, such as the requester identifier) together withthe sub-key ID to compute a sub-key. For example, when using a PRF toderive a sub-key, the KMS unit may compute that subkey S, asS=PRF(root-key, sub-key ID). The KMS unit may create an audit log of thesuccessful access request. It then proceeds to the next step.

5. If a challenge was provided by the requester to the KMS unit, the KMSunit generates a response to the challenge (e.g., a question, and aresponse to that question that compares favorably with the question)

6. The KMS unit returns a response to the requester including thesub-key and a challenge if one was generated

7. The requester validates the response to the challenge (if provided),and if it is valid, proceeds to use the sub-key (e.g., to performencryption or decryption operations).

One downside to using a PRF in this way is that the KMS unit learns allthe sub-keys returned to requesters, as the KMS unit computes the PRFand sees the input and output of the function. This makes the KMSservice a central point of compromise for all the keys used by all therequesters in the system.

Such novel solutions as presented herein provides for applying afunction known as an Oblivious Pseudorandom Function (OPRF). This can beenable secure access of keys by requesters from the KMS without the KMSbeing able to observe the keys and/or sub-keys that are requested andreturned.

An OPRF works as follows. It takes two inputs:

1. an OPRF key “K” (e.g., an OPRF secret)

2. an arbitrary message “M” (e.g., a key ID, a label, a user-providedidentifier, etc.)

From these two inputs, the OPRF also returns a pseudorandom output.However, unlike the PRF, the OPRF is computed by two parties (e.g., therequester and the KMS). The first party supplies the input “M”, whilethe second party supplies the OPRF key “K”. Only the first partyreceives (or can learn) the output of the OPRF. In the course of thecomputation, the first party does not learn any information about “K”.There are multiple implementations of OPRFs, including ones based onasymmetric encryption algorithms, RSA, blind signatures, Diffie-Hellmanexponentiation, Elliptic Curve scalar multiplication, homomorphicencryption, and others. The general principle upon which OPRFs operateis that the first party obscures or “blinds” the input message “M” intoa form which is meaningless to the second party before sending thatsecond party. The second party then operates upon the input with acertain function that takes both the blinded input “B” along with theOPRF key “K” to produce a “blinded output” which is not the finaloutput, but which is sent from the second party to the first party. Thefirst party, with knowledge of how the original input was obscured, canthen determine how to undo the impact of that operation from the blindedoutput, and recover the OPRF output. Because the reversal of theblinding is done by the first party, the second party never learns theOPRF output.

Taking the properties of the OPRF, and the design of the KMS describedabove together, the two may be merged to form a KMS which has superiorsecurity properties when compared to that which is provided in the priorart. This is done by substituting the PRF with an OPRF, and by havingthe requester perform some additional pre-processing of the request andsome post-processing of the response. The workflow with for aninteraction with a KMS based on an OPRF might be as follows:

1. The requester obscures one of the inputs to a key derivationfunction, for example, a sub-key identifier, by using an appropriateblinding function for the OPRF that is used by the KMS unit. Thisproduces a blinded-input “B”. In some examples, the size of the blindingkey is same as the size of the input provided thereto. For example, ifthe input is X bits or bytes in length, then the blinding key X bits orbytes in length (where X is a positive integer).

2. The requester seeking to access a key sends an Oblivious Key AccessRequest (OKAR) to a KMS unit, the request can include any one or moreof:

a. a requester identifier;

b. a root key identifier (e.g., additional information to reference aspecific OPRF key, e.g., a specific OPRF secret);

c. a blinded input B (e.g., B=BlindingFunction(sub-key identifier));

d. authenticating information (e.g., credentials such as a password, atoken, a response to a challenge, a signature, a digital certificate,etc.); and/or

e. A challenge to the KMS unit (for the KMS unit to prove its identityor correctness of operation)

3. The KMS unit performs validation of the request, including any one ormore of:

a. Ensuring the credentials are correct for the requester identifier;and/or

b. Ensuring the requester is authorized to access a key derived from thegiven root key identifier.

4. If not authorized, the KMS unit may be configured to return an errorresponse and may create an audit log of the failure or take othercorrective actions. If the request is authorized, the KMS unit proceedsto the next step.

5. The KMS unit processes the access request, by using the appropriateroot key (either the one indicated in the request, or by inferring itfrom other information, such as the requester identifier) together withthe blinded input to compute a blinded sub-key. For example, when usingan OPRF to derive a blinded sub-key, the KMS unit may compute thatblinded subkey S, as S=OPRF(root-key, B). The KMS unit may create anaudit log of the successful access request. It then proceeds to the nextstep.

6. If a challenge was provided by the requester to the KMS unit, the KMSunit generates a response to the challenge.

7. The KMS unit returns a response to the requester including theblinded sub-key and a challenge if one was generated.

8. The requester validates the response to the challenge (if provided),and if it is valid, proceeds to unblind the sub-key using theappropriate function to unobscure the blinded sub-key and recover theOPRF output.

9. The requester uses the OPRF output as the key or to derive a key andthen may perform encryption or decryption operations with that key.

In this manner, the KMS unit no longer sees the keys, and if the KMSunit cannot determine, predict, or guess the original unblinded sub-keyidentifiers, it has no capacity to determine any of the keys therequester receives.

FIG. 4A is a diagram illustrating an embodiment 401 of one or morecommunication systems supporting key protect with obliviousnessaccording to various embodiments of the present invention. A service 410(e.g., a cloud storage service, such as one that stores encrypted data410 a and Data Encryption Key (DEK) identifiers (IDs) 410 b) and a keyprotect instance 410 (e.g., a Hardware Security Module (HSM) 420b, suchas one that stores one or more keys 420 a). The service 410 blinds a DEKID to generate B(DEK_ID). Then, the service 410 transmits get DEKrequest (getDEK(CDK_ ID, B(DEK_ID))) to the key protect instance 410.The key protect instance 410 processes the get DEK request(getDEK(CDK_ID, B(DEK_ID))) and returned a blinded key B(DEK).

In this implementation, there is no information about a Data EncryptionKey (DEK) that is exposed by the exchange between the service 410 (e.g.,a cloud storage service) and the key protect instance 410 (e.g., aHardware Security Module (HSM)). This oblivious implementedarchitecture's security, unlike prior art approaches in which variouscomponents and signals are vulnerable to interception duringtransmission, remains secure against adversaries with unboundedcomputing power as no useful information is revealed through theexchange. There is no information that is vulnerable to be interceptedduring this process.

With the post-quantum security of obliviousness, the exchanged messagesreveal no information to the attacker. Note that even when implemented,a Transport Layer Security's (TLS's) confidentiality is made superfluousgiven the security provided by the novel implementation as describedherein. A breached oblivious key protect instance 420 would not endangerdata keys, assuming the key ids are unknown to the attacker. Data Keys(Data Encryption Keys (DEKs)) only exist and available within theboundary of the service or user recovering the key. The only change onthe service side is that instead of storing wrapped DEKs, the systemwould simply store the DEK IDs.

FIG. 4B is a diagram illustrating an embodiment 402 of one or morecommunication systems supporting Hardware Security Module (HSM)integration according to various embodiments of the present invention.An already-implemented HSM that supports the math used in accordancewith OPRFs may be readily configured to support the novel implementationas presented herein. For example, such math that is based on an EllipticCurve operation (e.g., EC Diffie-Hellman) may be used to support suchOPRFs as described herein.

For example, when the math of OPRFs is fully supported by an existingHSMs, then Customer Root Keys (CRKs) can remain within HSMs at all timesand will never be exposed to the host's memory.

Referring to the diagram, an application API DeriveKey operate issupported by client 430 based on a Data Encryption Key (DEK) identifier(ID) (DEK_ID) that undergoes blinding to generate a blinded dataencryption key identifier, B(DEK) that is processed via the service 410(e.g., cloud storage service) based on service-side HTTP REST API viathe key protect instance 420 (e.g., HSM) as follows:

Blinded(DEK) or B(DEK)=DeriveKey(CRK_ID, Blinded(DEK_ID))

This method takes two inputs, the customer root key identifier, CRK_ ID,and the blinded data encryption key identifier, Blinded(DEK_ID)). Itreturns a blinded data encryption key, Blinded(DEK) or B(DEK).

With respect to the Client-side SDK API, the Data Encryption Key (DEK)is returned as follows:

DEK=DeriveKey(CRK_ID, DEK_ID)

This method takes the CRK id and the DEK id. The software developmentkit (SDK) code handles all blinding and de-blinding internally. Itreturns the DEK.

In some examples, to get obliviousness as a property, it may requiresome client-side preprocessing before invoking the server's API, such asfollowed by some post-processing of the server's result. For example,this may be done to perform the blinding and de-blinding. A client-SDKwould hide all of this from the end user and present a basic interfacethat takes the CRK and DEK IDs and returns the corresponding DEK.

In addition, note that multi-tenancy may also be supported such thatdifferent tenants supply different CRK_IDs that corresponds to adifferent OPRF key (e.g., different OPRF secret).

Note also that alternative, optional, and/or additional REST (RESTful,(representational state transfer)) API may be used as follows:

(CRVK-Certificate)=GetRootVerificationKey(CRK_ID)

This method takes the CRK ID and returns a certificate for the “CustomerRoot Verification Key” (CRVK) corresponding to the CRK.

The certificate binds the CRKV to the CRK_ID with a digital signature

The CRVK can be used to prove returned keys are correctly computed

Blinded(DEK), Response=DeriveAndVerifyKey(CRK_ID, Blinded(DEK_ID),Challenge)

This method takes three inputs, the CRK ID, the blinded DEK ID, and aspecially crafted “challenge”. It enables the client to certify that theblinded key was computed correctly and using the correct CRK. Thisprotects against MITM (“man in the middle,” such as a middling device,etc.) attacks, server errors, defects, and memory corruption. Normallysuch a corruption would result in data loss such as based on encryptionwith a bad key. Note also that such novel solutions as presented hereincan allow a client to validate that the KMS provided the correct key.

FIG. 4C is a diagram illustrating an embodiment 403 of key hierarchiesas may be used in accordance with a KMS according to various embodimentsof the present invention. This diagram includes a hierarchy thatincludes a root key at a top parent level, then development, sales, andoperations in a lower child level, and then roadmap and sales at a childlevel below development, customers and leads at a child level belowsales, and payroll at a child level below operations. Each respectivelower level in the hierarchy is based on any encrypted by the keyassociated with one or more upper levels. This enables hierarchicalbusiness cases, e.g., “Root Key” encrypts “Development Key” encrypts“Roadmap Key”. For another example, “Root Key” encrypts “Sales Key”encrypts “Leads Key”. Access to a parent level key grants access tolower level child keys. Note that only knowing a key not directly in thelineage doesn't allow for access to other keys not in that lineage. Forexample, having “Development Key” wouldn't grant access to “Payroll”.

Note that implementing a hierarchy of keys requires multiple levels ofwrapping. If the hierarchy is deep, this can potentially introduceperformance and scaling concerns. For each level of depth in thehierarchy, the KMS may need to import another key from the database andperform another HSM operation. Note that such novel solutions asdescribed herein with respect to servicing and operating a KMS may beapplied and applicable to any type of key hierarchy including systemthat include only one level therein or N levels therein (where N is apositive integer greater than or equal to 2).

FIG. 5 is a diagram illustrating an embodiment of a method 500 forexecution by one or more computing devices according to variousembodiments of the present invention. The method 500 begins in step 510by processing an input value that is associated with a key based on ablinding key in accordance with an OPRF blinding operation (e.g.,homomorphic encryption, one or more other blinding operations, etc.) togenerate a blinded value. The method 500 continues in step 520 bytransmitting (e.g., via an interface of the computing device that isconfigured to interface and communicate with a communication system) theblinded value to another computing device that is associated with a KeyManagement System (KMS) service.

The method 500 then operates in step 530 by receiving (e.g., via theinterface and via the communication system and from the other computingdevice that is associated with the KMS service) a blinded key. Note thatthe blinded key is based on processing of the blinded value based on anOblivious Pseudorandom Function (OPRF) using an OPRF secret. The method500 then continues in step 540 by processing the blinded key based onthe blinding key in accordance with an OPRF unblinding operation (e.g.,homomorphic decryption, one or more other unblinding operations, etc.)to generate the key that is associated with the input value.

In some examples, the method 500 then operates in step 550 by accessing(e.g., via the interface and via the communication system, based onlocally available information, and/or combination thereof, etc.) secureinformation based on the key. For example, the secure information mayinclude secure data that is key-protected or another key that isencrypted (e.g., a wrapped key).

In some examples, the input value is unknown to the other computingdevice. Also, in certain specific examples, the input value includes akey identifier that is associated with the key. Also, in some examples,the key is unknown to the other computing device. In addition, incertain specific examples, the key includes a Data Encryption Key (DEK)or a Key Encryption Key (KEK). Note that the OPRF secret is unknown tothe computing device and is based on a Customer Root Key (CRK) that isassociated with the computing device.

FIG. 6 is a diagram illustrating an embodiment 600 of one or morecommunication systems supporting a KMS based on a Partially-ObliviousPseudorandom Function (P-OPRF) according to various embodiments of thepresent invention. This diagram has some similarities to FIG. 3B.

As also described herein, an Oblivious Pseudorandom Function (OPRF) maybe used in the process of producing, servicing, etc. encryption keys ofany desired type (e.g., including any one or more of a DEK, a KEK, aWDEK, a M-KEK), an I-KEK, a CRK) and/or any other type of key includingthose associated with and used to encrypt and/or decrypt information).However, a related function, a Partially-Oblivious Pseudorandom Function(P-OPRF) can provide additional efficiency, performance, and scalabilityadvantages, especially in multi-agent environments (when many distinctOPRF keys must be maintained).

An Partially Oblivious Pseudorandom Function (P-OPRF) is a function thattakes three inputs:

1. a OPRF key “K”

2. an arbitrary message “M”

3. an arbitrary exposed message “E” (or alternatively, “P” in certainexamples, embodiments, etc. herein)

From these three inputs the P-OPRF returns a pseudorandom output.However, unlike the OPRF which takes only K and M, the P-OPRF takes anadditional input “E”. This input is exposed to the party that holds theOPRF key “K” (that is, the party holding K becomes aware of the valueE), however that party remains oblivious as to the value M. Note that ina P-OPRF, either party may supply the value of E, or each party maycontribute to some part of E. There are multiple implementations ofP-OPRFs, including ones based on elliptic curve pairings, among others.

Unlike in an OPRF where the party holding the OPRF key learns nothingabout any of the input or the output of the function, with the P-OPRFthe party holding the OPRF key learns part of the input to the function(E). This enables the KMS to perform a number of more advancedauthentication and authorization checks, and in some cases can allowdifferent entities to share a single OPRF key securely.

Taking the properties of the P-OPRF, and the design requirements for aKey Management System (KMS) a KMS which has superior security andefficiency properties may be built as follows:

1. The requester obscures one of the inputs to a key derivationfunction, for example, a sub-key identifier, by using an appropriateblinding function for the P-OPRF that is used by the KMS unit (e.g., KMSservice 121). This produces a blinded-input “B”

2. The requester can additionally supply a portion of the input whichwill be seen by the KMS unit (e.g., KMS service 121) (E_r). This may beviewed as the requester's supplied contribution to the exposed input E.

3. The requester seeking to access a key sends an Oblivious Key AccessRequest (OKAR) to a KMS unit (e.g., KMS service 121), the request caninclude and one or more of:

a. a requester identifier;

b. a root key identifier (e.g., additional information to reference aspecific OPRF key);

c. a blinded input B (e.g., B=BlindingFunction(sub-key identifier));

d. an exposed input E_r (e.g., a username, a key path, a subset of a keyhierarchy, etc.);

e. authenticating information (e.g., credentials such as a password, atoken, a response to a challenge, a signature, a digital certificate,etc.); and/or

e. A challenge to the KMS unit (e.g., KMS service 121) (for the KMS unit(e.g., KMS service 121) to prove its identity or correctness ofoperation).

4. The KMS unit (e.g., KMS service 121) performs validation of therequest, including any one or more of:

a. Ensuring the credentials are correct for the requester identifier;

b. Ensuring the requester is authorized to access a key derived from thegiven root key identifier;

c. Ensuring that the exposed input (E_r) is allowed to be used for therequester given their authorization.

5. If not authorized, the KMS unit (e.g., KMS service 121) returns anerror response and may create an audit log of the failure or take othercorrective actions. If the request is authorized, the KMS unit (e.g.,KMS service 121) proceeds to the next step.

6. The KMS unit (e.g., KMS service 121) may itself supply additionalexposed input E u (input supplied by the KMS unit (e.g., KMS service121)), this might indicate a user identifier, a key identifier, a rootkey identifier, or other arbitrary information. The KMS unit (e.g., KMSservice 121) combines both any requester supplied exposed input E_r withany KMS unit (e.g., KMS service 121) supplied exposed input E_u, toproduce the final exposed input E.

7. The KMS unit (e.g., KMS service 121) processes the access request, byusing the appropriate root key (either the one indicated in the request,or by inferring it from other information, such as the requesteridentifier) together with the blinded input, and the final exposedinput, to compute a blinded sub-key. For example, when using an P-OPRFto derive a blinded sub-key, the KMS unit (e.g., KMS service 121) maycompute that blinded subkey S, as S=P-OPRF(root-key, B, E). The KMS unit(e.g., KMS service 121) may create an audit log of the successful accessrequest. It then proceeds to the next step.

8. If a challenge was provided by the requester to the KMS unit (e.g.,KMS service 121), the KMS unit (e.g., KMS service 121) generates aresponse to the challenge

9. The KMS unit (e.g., KMS service 121) returns a response to therequester including the blinded sub-key and a challenge if one wasgenerated

10. The requester validates the response to the challenge (if provided),and if it is valid, proceeds to unblind the sub-key using theappropriate function to unobscure the blinded sub-key and recover theOPRF output.

11. The requester uses the OPRF output as the key or to derive a key andthen may perform encryption or decryption operations with that key.

In this manner, the KMS unit (e.g., KMS service 121) no longer sees thekeys, and if the KMS unit (e.g., KMS service 121) cannot determine,predict, or guess the original unblinded sub-key identifiers, it has nocapacity to determine any of the keys the requester receives. Further,however, it enables the virtual representation of an unlimited number ofdistinct keys for any single OPRF key. This can be done in various ways,for example:

1. By using the root-key-identifier as E_u, the KMS unit (e.g., KMSservice 121) can produce unique OPRF outputs without actually having tostore and maintain a unique OPRF key for each root-key.

2. The requester, by sending key information as part of E_r, the KMSunit (e.g., KMS service 121) can validate that key information to ensurethe requester has access before computing the P-OPRF output. Forexample, a requester may supply key information in the form of a path,such as “Root/Files/Documents/Development/CodeRepository”. If therequester has a permission indicating access to any path starting with“Root/Files/Documents/Development!” then the KMS will authorize therequest and process it, otherwise it can return an access denied error,since the requester did not have an appropriate permission grantingaccess to use that key information in the derivation of a key.

Note, that such a P-OPRF may be used and implemented in accordance anyof a variety of means including based on any variety of P-OPRF includinga threshold P-OPRF (TP-OPRF). This will result in a Threshold PartiallyOblivious Pseudorandom Function TP-OPRF. This enables a KMS based onP-OPRFs to operate without single points of compromise in theiroperation.

In accordance with servicing respective keys to different respectiveusers, a KMS service is configured to provide unique keys (e.g., aunique CRK) to different respective users to define unique accesscontrols for those different respective users. For example, in somesituations, tenants require a unique CRK to define unique accesscontrols. This can also be true for a KMS that operates in accordancewith obliviousness such as using an OPRF as described herein. However, aP-OPRF allows for a KMS service to represent, in a virtual manner, anunlimited number of tenants each with unlimited CRKs with constantmemory (e.g., without requiring additional memory). For example, asdescribed elsewhere herein, a prior art-implemented KMS (e.g., a Cloudimplemented KMS using Hardware Security Modules (HSMs)) can be severelyis limited in how many keys it can hold and service. These priorart-implemented KMSs are very difficult and expensive to scale. Novelsolutions are presented herein that allow for an unlimited number ofkeys to be serviced in a virtual manner in accordance with using anarbitrary exposed value in accordance with a P-OPRF.

Another example of an P-OPRF is described below:

A Partially Oblivious PRF allows two parties to evaluate a function, andthe P-OPRF is based on three inputs (as opposed to two inputs for aOPRF):

Consider Alice to be a client device such as a computing deviceassociated with a client and Bob to be a KMS service device such as acomputing device associated with a KMS.

Y=P-OPRF(K, P, X)

The P-OPRF secret K is only known to “Bob”; Alice can't determine it.

Output Y and input X are only known to “Alice”; Bob can't determineeither output Y or input X.

Input P is entered by Bob but may be suggested by Alice, it is notsecret.

The P-OPRF enables a Cloud KMS to isolate tenants or projects withouthaving to store separate CRKs for each one

The provider uses a “P” derived from the tenant id, CRK ID, or projectID.

The tenant uses “X” as a “key id” and “Y” as the key.

Considering an example of a key hierarchy (e.g., such as described withrespect to FIG. 4C), such a virtual key hierarchy may be implementedbased on a P-OPRF.

For example, consider that the system provides a user (e.g., a computingdevice associated with a user) with one or more permission grants suchas:

Permission “Root/Sales/Leads/*”

Permission “Root/Development/*” based on FIG. 4C.

A user (e.g., a computing device associated with a user) that has beenwith the above permission grants is permitted by the server to form a Pvalue that is any string extension to their permitted paths:

P=“Root/Development/Source Code” allowed by “Root/Development/*”

P=“Root/Sales/Customers” denied, no permission to path

The server virtually enforces the same key hierarchy, but needs to applyonly a single “partially oblivious” operation to derive the key whenoperating based on the appropriate arbitrary exposed message for theappropriate user (e.g., a computing device associated with a user).

Such an P-OPRF-based KMS has many benefits. For example, such a systemallows for management of an unlimited number of keys for a single P-OPRFsecret “K”. In such a P-OPRF-based KMS, there is no need to storeanything additional, no need to export/import keys from externaldatabase (DB), no need for remote loading or input/output (I/O), no needfor inter-HSM communication or synchronization for sub-key creation, noneed for external databases needed for sub-keys (e.g., if CRKs fit inHSM), and no physical key hierarchy is necessary (a virtual keyhierarchy). Also, such a P-OPRF-based KMS allows for a single computingdevice (e.g., a single HSM-based operation) to support an unlimitednumber of keys (e.g., including within a key hierarchy having anydesired depth and/or including any number of keys).

In addition, note that a P-OPRF may be implemented to allow two or moreparties to compute:

Y=P-OPRF(V, X, E), where P-OPRF is Partially-Oblivious PseudorandomFunction (P-OPRF).

The P-OPRF “virtual secret” V is not known by anyone. When implementedas a threshold P-OPRF (TP-OPRF), pieces of the P-OPRF “virtual secret” Vare shared among n independent servers (e.g., possibly at n locations inn different HSMs).

Output Y and input X are only known to “Alice”; no one else learnseither.

As described herein, a P-OPRF includes three (3) inputs: a P-OPRF“virtual secret” V, the input X, and an arbitrary exposed message (e.g.,E parameter).

A threshold implemented P-OPRF (TP-OPRF) may operate to enable a CloudKMS to operate an OPRF or a P-OPRF as follows:

Yet the P-OPRF secret “V” is not known by anyone, as it exists nowherein a TP-OPRF.

It takes many breaches, or many colluding admins to expose “V”. Notethat a TP-OPRF, as a P-OPRF, would also include three (3) inputs: aP-OPRF “virtual secret” V, the input X, and an arbitrary exposed message(e.g., E parameter).

A computing device 110 (e.g., associated with a user) is configured toprocess an input value that is associated with a key based on a blindingkey in accordance with an OPRF blinding operation (e.g., homomorphicencryption, one or more other blinding operations, etc.) to generate ablinded value. The computing device 110 is also configured to generatean Oblivious Key Access Request (OKAR) based on the blinded value.

The computing device 110 is also configured to transmit (e.g., via acommunication system) the OKAR to another computing device that isassociated with a Key Management System (KMS) service (e.g., such as KMSservice 121). The computing device 110 is also configured to receive(e.g., via the communication system and from the other computing devicethat is associated with the KMS service such as KMS service 121) ablinded key. Note that the blinded key is based on processing of theOKAR based on a Partially Oblivious Pseudorandom Function (P-OPRF) usinga P-OPRF secret and an arbitrary exposed message that is known to theother computing device.

The computing device 110 is also configured to process the blinded keybased on the blinding key in accordance with an OPRF unblindingoperation (e.g., homomorphic decryption, one or more other unblindingoperations, etc.) to generate the key that is associated with the inputvalue. The computing device 110 is also configured to access (e.g., viathe communication system, based on locally available and/or storedsecure information, and/or combination thereof, etc.) secure informationbased on the key. For example, this key may then be used by thecomputing device 110 to process secure information. For example, secureinformation may be accessed based on the key. Alternatively, data may beencrypted using the key, and/or encrypted data may be decrypted usingthe key.

FIG. 7 is a diagram illustrating an embodiment of a method 700 forexecution by one or more computing devices according to variousembodiments of the present invention. The method 700 operates in step710 by processing an input value that is associated with a key based ona blinding key in accordance with an OPRF blinding operation (e.g.,homomorphic encryption, one or more other blinding operations, etc.) togenerate a blinded value. The method 700 then continues in step 720 bygenerating an Oblivious Key Access Request (OKAR) based on the blindedvalue.

The method 700 also operates in step 730 by transmitting (e.g., via aninterface of a computing device that is configured to interface andcommunicate with a communication system and via the communicationsystem) the OKAR to another computing device that is associated with aKey Management System (KMS) service. The method 700 continues in step740 by receiving (e.g., via the interface and via the communicationsystem and from the other computing device that is associated with theKMS service) a blinded key. Note that the blinded key is based onprocessing of the OKAR based on a Partially Oblivious PseudorandomFunction (P-OPRF) using a P-OPRF secret and an arbitrary exposed messagethat is known to the other computing device (block 742). The method 700then operates in step 750 by processing the blinded key based on theblinding key in accordance with an OPRF unblinding operation (e.g.,homomorphic decryption, one or more other unblinding operations, etc.)to generate the key that is associated with the input value.

In some examples, the method 700 continues in step 760 by accessing(e.g., via the interface and via the communication system, based onlocally available information, and/or combination thereof, etc.) secureinformation based on the key. This may involve processing secureinformation using the key. For example, secure information may beaccessed based on the key (e.g., such as the secure information beingstored remotely in one or more other devices within the communicationsystem and accessing that secure information via the interface and viathe communication system). Alternatively, this may involve encryptingdata using the key, and/or decrypting encrypted data using the key. Ingeneral, any of a variety of operations may be made using the key inaccordance with operations related to secure information.

In alternative optional examples of the method 700, the method 700 alsoinvolves processing another input value that is associated with anotherkey based on the blinding key in accordance with an OPRF blindingoperation (e.g., homomorphic encryption, one or more other blindingoperations, etc.) to generate another blinded value. This also involvestransmitting (e.g., via the interface and via the communication system)the other blinded value to the other computing device that is associatedwith the KMS service. This also involves receiving (e.g., via theinterface and via the communication system and from the other computingdevice that is associated with the KMS service) another blinded key.Note that the other blinded key is based on processing of the otherblinded value based on the P-OPRF using the P-OPRF secret and anotherarbitrary exposed message. This also involves processing the otherblinded key based on the blinding key in accordance with an OPRFunblinding operation (e.g., homomorphic decryption, one or more otherunblinding operations, etc.) to generate the other key that isassociated with the other input value. This also involves accessing(e.g., via the interface and via the communication system) other secureinformation based on the other key.

In even other alternative optional examples of the method 700, themethod 700 also involves determining the arbitrary exposed message. Thisalso involves transmitting (e.g., via the interface and via thecommunication system) the arbitrary exposed message to the othercomputing device that is associated with the KMS service to be used bythe other computing device in accordance with processing of the blindedvalue based on the P-OPRF using the P-OPRF secret and the arbitraryexposed message.

In some other alternative optional examples of the method 700, themethod 700 also involves determining a first arbitrary exposedsub-message. This also involves transmitting (e.g., via the interfaceand via the communication system) the first arbitrary exposedsub-message to the other computing device that is associated with theKMS service to be processed by the other computing device with a secondarbitrary exposed sub-message to generate the arbitrary exposed messageto be used by the other computing device in accordance with processingof the blinded value based on the P-OPRF using the P-OPRF secret and thearbitrary exposed message.

In yet other alternative optional examples of the method 700, the method700 also involves generating the OKAR based on the blinded value andbased on a challenge to be used by the other computing device that isassociated with the KMS service to verify at least one of identity ofthe KMS service or correctness of operation of the KMS service. Thisalso involves receiving (e.g., via the interface and via thecommunication system and from the other computing device that isassociated with the KMS service) the blinded key and a response to thechallenge, wherein the response to the challenge is based on processingof the challenge by the other computing device that is associated withthe KMS service to verify the at least one of the identity of the KMSservice or the correctness of operation of the KMS service. This alsoinvolves determining whether the response to the challenge comparesfavorably to the challenge. Then, based on a determination that theresponse to the challenge compares favorably to the challenge, this alsoinvolves processing the blinded key based on the blinding key inaccordance with an OPRF unblinding operation (e.g., homomorphicdecryption, one or more other unblinding operations, etc.) to generatethe key that is associated with the input value.

In alternative optional examples of the method 700, the method 700 alsoinvolves generating the OKAR based on the blinded value and one or moreother parameters. Such parameters may include any one or more of arequester identifier (ID), a root key identifier that includes thatspecifies the P-OPRF secret among a plurality of OPRF keys of the KMSservice, the blinded value, the arbitrary exposed message that includesat least one of a username, a key path, or a subset of a key hierarchy,authenticating information that includes at least credential thatincludes at least one of a password, a token, a response to a firstchallenge, a signature, or a digital certificate, and/or a secondchallenge to be used by the other computing device that is associatedwith the KMS service to verify at least one of identity of the KMSservice or correctness of operation of the KMS service.

FIG. 8 is a diagram illustrating an embodiment 800 of one or morecommunication systems supporting a KMS based on a ThresholdPartially-Oblivious Pseudorandom Function (TP-OPRF) according to variousembodiments of the present invention. Various embodiments, examples,etc. of Partially-Oblivious Pseudorandom Functions (P-OPRFs) have beendescribed above. a TP-OPRF is related to, at least in part, on a P-OPRF.In accordance with operation of a TP-OPRF, no one single computingdevice associated with a KMS service has the OPRF key. Instead, the OPRFkey is partitioned, sub-divided, broken apart, etc. into differentrespective portions and distributed among different respective computingdevices associated with a KMS service, so that no one single computingdevice associated with a KMS service has the OPRF key (sometimesalternatively referred to as OPRF secret, and alternatively referred toas a P-OPRF key or a TP-OPRF key in such P-OPRF and TP-OPRFimplementations).

For example, in accordance with a TP-OPRF implementation, a thresholdnumber of different respective computing devices associated with the KMSservice have different respective shares of the TP-OPRF key. Forexample, a TP-OPRF key includes a plurality of unique PRF keys that aredistributedly stored among a plurality of shareholder computing devices(e.g., those different respective computing devices associated with theKMS service). Such a TP-OPRF operates such that a threshold number ofthose shareholder computing devices operate cooperatively to provide andcalculate the P-OPRF. Analogously, a Threshold Oblivious PseudorandomFunction (T-OPRF) operates such that a threshold number of thoseshareholder computing devices operate cooperatively to provide andcalculate the OPRF. Such a T-OPRF or TP-OPRF has no single points offailure or compromise (e.g., no one single computing device associatedwith a KMS service has the OPRF key).

Such a novel implementation of a T-OPRF or a TP-OPRF as described hereinensures invulnerability to attacks on any single shareholder computingdevice based on the distributed architecture having no single point offailure or compromise. For example, a very high degree of reliability isprovided without requiring any a replication mechanism. Also, withinsuch novel solutions a presented herein, such a T-OPRF or a TP-OPRFimplemented KMS service never learns and/or possesses root keys as maybe used therein and thereby does not require absolute or an acceptablyvery high degree of trust for the T-OPRF or a TP-OPRF implemented KMSservice. Also, within such novel solutions a presented here, even ifthere is a breach of some of the shareholder computing devices (e.g.,fewer than a threshold number of shareholder computing devices), theT-OPRF or a TP-OPRF implemented KMS service can tolerate and recovertherefrom without sacrificing the integrity of the service provided andsecurity to its client(s).

As described herein, Threshold Partially-Oblivious PseudorandomFunctions (TP-OPRFs) have many applications in the realm of security.For example, they enable secure key management systems, secure storageof secrets, and secure authentication services wherein the system doesnot and cannot learn or attack any user's secret information without asignificant number of compromises and system breaches. However, somemechanisms for implementing TP-OPRFs are computationally inefficient.This limits the practicality, performance, and scalability of TP-OPRFsystems based on these inefficient methods.

This disclosure presents, among other things, novel solutions by whichTP-OPRFs may be implemented in much more computationally efficient ways.Such novel solutions a presented herein provide for improvements in theoperation of the individual computing devices within the overall systemas well as improvements in the operation of the overall system itself.

An alternate approach for implementing a TP-OPRF that can havesignificantly less computational cost operates as follows:

1. A given number of distinct “shareholders” is defined as “N” (e.g.,shown as computing device 112, 113, through computing device 114, whichmay also be referred to as different respective KMS host devices, KMShost 1, KMS host 2, through KMS host N, such that each of thesedifferent respective devices holds a share of the overall TP-OPRF key,such as different respective, unique PRF keys shown as differentrespective shares that are distributed among the different respectiveKMS host devices as share 1, share 2, through share N).

2. A given threshold for computing the TP-OPRF is defined “T”, where1<=T<=N

3. For each unique subset of size T of the set of N shareholders, aPseudorandom Function (PRF) key is generated. This results in (N chooseT), equal to (N!/(T!*(N−T)!)) where ! is the factorial operator, uniquePRF keys.

4. After the (N choose T) PRF keys are generated, they are distributedto the shareholders. Shareholders need not receive any PRF key thatcorresponds to a subset for which that shareholder is a member.Therefore, the shareholder receives minimally ((N−1) choose T) PRF keys.

5. The different respective shareholders persist, store, and hold theirdifferent respective PRF keys, completing the initialization.

After the initialization, a requester may send requests to any thresholdnumber of shareholders to evaluate the TP-OPRF. This is performed as viathe following steps:

1. The requester chooses a value “X” which will be one of the inputs tothe TP-OPRF (e.g., “X”=input value that is associated with a key)

2. The requester blinds the value X via a blinding function to yield theblinded input “B (X)”

3. The requester optionally supplies an exposed input “E”

4. The requester selects at least T shareholders to involve in theevaluation of the TP-OPRF

5. For each selected shareholder, the requester (computing device 110)sends (to the selected shareholder computing devices among theshareholder computing devices 112-114, e.g., via a proxy layer 816 thatmay include one or more network segments, a cloud computing environment,etc. as described herein):

a. B(X)—the blinded input; and optionally,

b. E—the exposed input, if any exposed input is supplied by therequester

6. For each shareholder that receives a request (e.g., those selectedshareholder computing devices among the shareholder computing devices112-114), that respective shareholder performs the following steps:

a. The shareholder may supply additional exposed input “S”, if theshareholder supplies additional input, each of the shareholdersparticipating in the operation must agree to supply the same additionalexposed input.

b. The shareholder combines any exposed input “E” from the requester, ifpresent, with shareholder supplied input, if any, S, to produce acombined exposed input “Y”. e.g., Y=Combine(E, S)

c. The shareholder applies the PRF function (e.g., Advanced EncryptionStandard (AES), a key hash, such as a hash of a media access controller(MAC) address or identifier, such as HMAC, etc.) using each of the PRFkeys they possess which correspond to subsets of T shareholders which donot include themselves. That is, each shareholder computes, for eachkey, “R_i=PRF(PRF-key Y)” for each of the ((N−1) choose T) PRF keyscorresponding to subsets of size T of the N shareholders for thosesubsets that do not contain itself (the shareholder).

d. The shareholder uses each of the ((N−1) choose T) “R_i” values toimplement a technique known as “share conversion”, which yields aconsistent “secret share” which depends on the given “Y” value that wasused. The share that each shareholder obtains through this process, isconsistent with secret shares of all the other shareholders so long aseach shareholder used the same “Y” value and the same set of PRF keys.This share, for shareholder_j shall be called share jy (as it is uniquefor each shareholder_j and input value Y). As such, each of therespective unique shares that are respectively associated with arespective shareholder are respectively generated based on shareconversion. For example, a first unique share that is associated with afirst respective shareholder is generated based on share conversion, anda second unique share that is associated with a second respectiveshareholder is also generated based on share conversion.

e. The shareholder computes the Oblivious Pseudorandom Function for theinput B, using share jy as the OPRF key. In other words, shareholder_jcomputes a “share of the blinded output”: B(O)_j=OPRF(share_jy, B(X)),which is the blinded output component produced by shareholder j. Theshareholder returns B(O)_j to the requester (e.g., computing device110).

7. The requester (e.g., computing device 110) then receives these andcombines each of the B(O)_j values from at least a threshold T number ofshareholders. This combination yields “B(O)”—the blinded output.

8. The requester de-blinds the blinded output B(O) to obtain the TP-OPRFoutput “O”, where O=TP-OPRF(OPRF-Key, X, Y)

In some examples, the combinatorial number of PRF evaluations can becostly in terms of operations. For example, for large N values (e.g.,100 s, 1000 s, etc.), this can include a large number of PRFevaluations. However, for reasonable values (e.g., 12 or fewer computingdevices 112-114 that form the shareholder computing devices that areassociated with a Key Management System (KMS) service), no more than 500PRF evaluations are required. For sufficiently small numbers of PRFevaluations, this approach is the most efficient known way to constructa TP-OPRF and provides significant improvements in the overall theoperation(s) of computing devices, communication systems, etc. withinthe prior art. Moreover, it permits parallelization of the computation,leading to great performance when multiple computing cores or CPUs areavailable to the shareholder.

In an example of operation and implementation, the computing device 110is configured to process an input value that is associated with a keybased on a blinding key in accordance with a ThresholdPartially-Oblivious Pseudorandom Function (TP-OPRF) blinding operationto generate a blinded input. The computing device 110 then is configuredto select a threshold number of shareholder computing devices that areassociated with a Key Management System (KMS) service (e.g., computingdevices 112-114). Note that the TP-OPRF key includes a plurality ofunique PRF keys that are distributedly stored among a plurality ofshareholder computing devices (e.g., among the computing devices112-114). Also, note that the threshold number of shareholder computingdevices includes fewer than all of the plurality of shareholdercomputing devices (e.g., fewer than all of the computing devices112-114) in some examples. In other examples, the threshold number ofshareholder computing devices includes all of the plurality ofshareholder computing devices (e.g., all of the computing devices112-114).

The computing device 110 is configured to transmit (e.g., via thecommunication system such as via a proxy layer 816) the blinded input toat least the threshold number of shareholder computing devicesassociated with the KMS service.

Then, the computing device 110 is configured to receive (e.g., via thecommunication system such as via a proxy layer 816 and from the at leastthe threshold number of shareholder computing devices associated withthe KMS service) at least a threshold number of blinded outputcomponents.

Note that a blinded output component of the at least the thresholdnumber of blinded output components (e.g., blinded output component 1)is based on processing of the blinded input based on aPartially-Oblivious Pseudorandom Function (P-OPRF) using a unique shareof a P-OPRF secret (e.g., based on share 1) and an arbitrary exposedmessage by a shareholder computing device (e.g., computing device 112)of the plurality of shareholder computing devices (e.g., computingdevices 112-114). Note also that the arbitrary exposed message is knownto the shareholder computing device (e.g., computing device 112) of theplurality of shareholder computing devices, and the unique share of theP-OPRF secret (e.g., based on share 1) is associated with theshareholder computing device (e.g., computing device 112) of theplurality of shareholder computing devices (e.g., computing devices112-114). Similarly, another blinded output component of the at leastthe threshold number of blinded output components is based on processingof the blinded input based on the P-OPRF using another unique share ofthe P-OPRF secret (e.g., based on share 2) and the arbitrary exposedmessage by another shareholder computing device (e.g., computing device113) of the plurality of shareholder computing devices (e.g., computingdevices 112-114). Note that the arbitrary exposed message is known tothe other shareholder computing device (e.g., computing device 113) ofthe plurality of shareholder computing devices, and the other uniqueshare of the P-OPRF secret (e.g., based on share 12 is associated withthe other shareholder computing device (e.g., computing device 113) ofthe plurality of shareholder computing devices (e.g., computing devices112-114).

The computing device 110 is also configured to process the at least thethreshold number of blinded output components to generate a blindedoutput. The computing device 110 is also configured to process theblinded output based on the blinding key in accordance with a TP-OPRFunblinding operation to generate the key that is associated with theinput value.

The computing device 110 is also configured to access secure informationbased on the key. For example, the computing device 110 is configured tofacilitate and/or perform processing of secure information based on thekey. In some examples, the computing device 110 is configured facilitateand/or perform access of secure information based on the key. In someexamples, the computing device 110 is configured to use the key toaccess secure information (e.g., via the communication system such asvia the one or more network segments 116, based on locally availableand/or stored secure information, and/or combination thereof, etc.).Alternatively, the computing device 110 is configured to facilitateand/or perform encryption of data using the key. In other examples, thecomputing device 110 is configured to facilitate and/or performdecryption of encrypted data using the key.

In some alternative examples, the computing device 110 is alsoconfigured to determine an arbitrary exposed message and to transmit(e.g., via the communication system such as via a proxy layer 816) thearbitrary exposed message to the at least the threshold number ofshareholder computing devices associated with the KMS service to be usedrespectively by the at least the threshold number of shareholdercomputing devices associated with the KMS service in accordance withprocessing of the blinded input based on the P-OPRF using respectiveunique shares of the P-OPRF secret to generate the at least thethreshold number of blinded output components.

In some other alternative examples, the computing device 110 is alsoconfigured to determine a first arbitrary exposed sub-message and totransmit (e.g., via the communication system such as via a proxy layer816) the first arbitrary exposed sub-message to the at least thethreshold number of shareholder computing devices associated with theKMS service to be processed by the at least the threshold number ofshareholder computing devices associated with the KMS service with asecond arbitrary exposed sub-message to generate the arbitrary exposedmessage to be used respectively by the at least the threshold number ofshareholder computing devices associated with the KMS service inaccordance with processing of the blinded input based on the P-OPRFusing respective unique shares of the P-OPRF secret to generate the atleast the threshold number of blinded output components.

In yet other alternative examples, the relationships between theplurality of shareholder computing devices, the threshold number ofshareholder computing devices, the plurality of unique PRF keys, etc.may have certain characteristics. For example, in some examplesconsidering N and T are positive integers, such that T is less than orequal to N, the plurality of shareholder computing devices includes aplurality of N shareholder computing devices. The threshold number ofshareholder computing devices includes a threshold number of Tshareholder computing devices. Also, each PRF key of the plurality ofunique PRF keys is associated with a unique subset of size T of theplurality of N shareholder computing devices. As such, the plurality ofunique PRF keys includes a plurality of N choose T unique PRF keys. Theshareholder computing device of the plurality of shareholder computingdevices includes at least (N−1) choose T unique PRF keys of theplurality of unique PRF keys.

In addition, in some examples, the input value is unknown to theplurality of shareholder computing devices and includes a key identifierthat is associated with the key. The key is unknown to the plurality ofshareholder computing devices and includes a Data Encryption Key (DEK)or a Key Encryption Key (KEK). Also, the P-OPRF secret is unknown to thecomputing device and is based on a Customer Root Key (CRK) that isassociated with the computing device.

Also, in some other examples, note that the computing device 110includes a wireless smart phone, a cellular phone, a laptop, a personaldigital assistant, a tablet, a personal computers (PC), a work station,and/or a video game device. In addition to or alternatively, at leastone of the plurality of shareholder computing devices (e.g., computingdevices 112-114) includes a Hardware Security Module (HSM). Also, notethat the communication system (e.g., including at least part of theproxy layer 816) may be implemented to include at least one of awireless communication system, a wire lined communication system, anon-public intranet system, a public internet system, a local areanetwork (LAN), a wireless local area network (WLAN), a wide area network(WAN), a satellite communication system, a fiber-optic communicationsystem, and/or a mobile communication system.

Also, with respect to the proxy layer 816, note that such a proxy layer816 could be implemented in any of a variety or combination of ways. Insome examples, the proxy layer 816 is implemented in a cloud computingenvironment based on any of the examples, embodiments, and/orequivalents, etc. described herein. In other examples, the proxy layer816 is implemented within the computing device 110 itself. In even otherexamples, the proxy layer 816 is implemented in some intermediarycomputing device (e.g., an intermediate device that is implementedoutside of the cloud computing environment and the computing device 110.In general, the novel solutions presented herein that provide forsecurity based on one or more Key Management System (KMS) services basedon one or more of OPRF, P-OPRF, T-OPRF, TP-OPRF, etc. allow for theimplementation to be in any desired manner. From a security perspective,there is great flexibility in where such one or more KMS services areimplemented in that, there is nothing learned about the keys that areaccessed in such novel systems. In general, such one or more KMSservices may be implemented in any desired device(s), cloud computingenvironment(s), etc.

FIG. 9 is a diagram illustrating an embodiment of a method for executionby one or more computing devices according to various embodiments of thepresent invention. The method 900 operates in step 910 by processing aninput value that is associated with a key based on a blinding key inaccordance with a Threshold Partially-Oblivious Pseudorandom Function(TP-OPRF) blinding operation to generate a blinded input.

The method 900 then continues in step 920 by selecting a thresholdnumber of shareholder computing devices that are associated with a KeyManagement System (KMS) service, wherein a TP-OPRF key includes aplurality of unique PRF keys that are distributedly stored among aplurality of shareholder computing devices. Note that the thresholdnumber of shareholder computing devices includes fewer than all of theplurality of shareholder computing devices in some examples. In otherexamples, the threshold number of shareholder computing devices includesall of the plurality of shareholder computing devices.

The method 900 also operates in step 930 by transmitting (e.g., via aninterface of the computing device that is configured to interface andcommunicate with a communication system and via the communicationsystem) the blinded input to at least the threshold number ofshareholder computing devices associated with the KMS service. Themethod 900 continues in step 940 by receiving (e.g., via the interface,via the communication system, and from the at least the threshold numberof shareholder computing devices associated with the KMS service) atleast a threshold number of blinded output components. Note that ablinded output component of the at least the threshold number of blindedoutput components is based on processing of the blinded input based on aPartially-Oblivious Pseudorandom Function (P-OPRF) using a unique shareof a P-OPRF secret and an arbitrary exposed message by a shareholdercomputing device of the plurality of shareholder computing devices.Also, the arbitrary exposed message is known to the shareholdercomputing device of the plurality of shareholder computing devices, andthe unique share of the P-OPRF secret is associated with the shareholdercomputing device of the plurality of shareholder computing devices.

The method 900 then operates in step 950 by processing the at least thethreshold number of blinded output components to generate a blindedoutput. The method 900 continues in step 960 by processing the blindedoutput based on the blinding key in accordance with a TP-OPRF unblindingoperation to generate the key that is associated with the input value.

The method 900 then operates in step 970 by accessing secure informationbased on the key. For example, this may involve accessing any desiredsecure information based on the key via the interface and via thecommunication system, based on locally available information, and/orcombination thereof, etc. For example, the secure information mayinclude secure data that is key-protected or another key that isencrypted (e.g., a wrapped key).

In some examples and/or variants of the method 900, another blindedoutput component of the at least the threshold number of blinded outputcomponents is based on processing of the blinded input based on theP-OPRF using another unique share of the P-OPRF secret and the arbitraryexposed message by another shareholder computing device of the pluralityof shareholder computing devices, wherein the arbitrary exposed messageis known to the other shareholder computing device of the plurality ofshareholder computing devices, and the other unique share of the P-OPRFsecret is associated with the other shareholder computing device of theplurality of shareholder computing devices.

In other examples and/or variants of the method 900, the method alsooperates by determining the arbitrary exposed message and transmitting(e.g., via the interface and via the communication system) the arbitraryexposed message to the at least the threshold number of shareholdercomputing devices associated with the KMS service to be usedrespectively by the at least the threshold number of shareholdercomputing devices associated with the KMS service in accordance withprocessing of the blinded input based on the P-OPRF using respectiveunique shares of the P-OPRF secret to generate the at least thethreshold number of blinded output components.

In even other examples and/or variants of the method 900, the methodalso operates by determining a first arbitrary exposed sub-message andtransmitting (e.g., via the interface and via the communication system)the first arbitrary exposed sub-message to the at least the thresholdnumber of shareholder computing devices associated with the KMS serviceto be processed by the at least the threshold number of shareholdercomputing devices associated with the KMS service with a secondarbitrary exposed sub-message to generate the arbitrary exposed messageto be used respectively by the at least the threshold number ofshareholder computing devices associated with the KMS service inaccordance with processing of the blinded input based on the P-OPRFusing respective unique shares of the P-OPRF secret to generate the atleast the threshold number of blinded output components.

In yet other examples and/or variants of the method 900, therelationships between the plurality of shareholder computing devices,the threshold number of shareholder computing devices, the plurality ofunique PRF keys, etc. may have certain characteristics. For example, insome examples considering N and T are positive integers, such that T isless than or equal to N, the plurality of shareholder computing devicesincludes a plurality of N shareholder computing devices. The thresholdnumber of shareholder computing devices includes a threshold number of Tshareholder computing devices. Also, each PRF key of the plurality ofunique PRF keys is associated with a unique subset of size T of theplurality of N shareholder computing devices. As such, the plurality ofunique PRF keys includes a plurality of N choose T unique PRF keys. Theshareholder computing device of the plurality of shareholder computingdevices includes at least (N−1) choose T unique PRF keys of theplurality of unique PRF keys.

In certain other examples and/or variants of the method 900, the inputvalue is unknown to the plurality of shareholder computing devices andincludes a key identifier that is associated with the key. The key isunknown to the plurality of shareholder computing devices and includes aData Encryption Key (DEK) or a Key Encryption Key (KEK). Also, theP-OPRF secret is unknown to the computing device and is based on aCustomer Root Key (CRK) that is associated with the computing device.

Also, in some examples and/or variants of the method 900, note that thecomputing device includes a wireless smart phone, a cellular phone, alaptop, a personal digital assistant, a tablet, a personal computers(PC), a work station, and/or a video game device. In addition to oralternatively, at least one of the plurality of shareholder computingdevices includes a Hardware Security Module (HSM). Also, note that thecommunication system may be implemented to include at least one of awireless communication system, a wire lined communication system, anon-public intranet system, a public internet system, a local areanetwork (LAN), a wireless local area network (WLAN), a wide area network(WAN), a satellite communication system, a fiber-optic communicationsystem, and/or a mobile communication system.

FIG. 10 depicts a cloud computing environment 1000 according to variousembodiments of the present invention. FIG. 10 presents an illustrativecloud computing environment 50. As shown, cloud computing environment 50includes one or more cloud computing nodes 10 with which local computingdevices used by cloud consumers, such as, for example, personal digitalassistant (PDA) or cellular telephone 54A, desktop computer 54B, laptopcomputer 54C, and/or automobile computer system 54N may communicate.Nodes 10 may communicate with one another. They may be grouped (notshown) physically or virtually, in one or more networks, such asPrivate, Community, Public, or Hybrid clouds as described hereinabove,or a combination thereof. This allows cloud computing environment 50 tooffer infrastructure, platforms and/or software as services for which acloud consumer does not need to maintain resources on a local computingdevice. It is understood that the types of computing devices 54A-N shownin FIG. 10 are intended to be illustrative only and that computing nodes10 and cloud computing environment 50 can communicate with any type ofcomputerized device over any type of network and/or network addressableconnection (e.g., using a web browser).

It is to be understood that although this disclosure includes a detaileddescription on cloud computing, implementation of the teachings recitedherein are not limited to a cloud computing environment. Rather,embodiments of the present invention are capable of being implemented inconjunction with any other type of computing environment now known orlater developed.

Cloud computing is a model of service delivery for enabling convenient,on-demand network access to a shared pool of configurable computingresources (e.g., networks, network bandwidth, servers, processing,memory, storage, applications, virtual machines, and services) that canbe rapidly provisioned and released with minimal management effort orinteraction with a provider of the service. This cloud model may includeat least five characteristics, at least three service models, and atleast four deployment models.

Characteristics are as follows:

On-demand self-service: a cloud consumer can unilaterally provisioncomputing capabilities, such as server time and network storage, asneeded automatically without requiring human interaction with theservice's provider.

Broad network access: capabilities are available over a network andaccessed through standard mechanisms that promote use by heterogeneousthin or thick client platforms (e.g., mobile phones, laptops, and PDAs).

Resource pooling: the provider's computing resources are pooled to servemultiple consumers using a multi-tenant model, with different physicaland virtual resources dynamically assigned and reassigned according todemand. There is a sense of location independence in that the consumergenerally has no control or knowledge over the exact location of theprovided resources but may be able to specify location at a higher levelof abstraction (e.g., country, state, or datacenter).

Rapid elasticity: capabilities can be rapidly and elasticallyprovisioned, in some cases automatically, to quickly scale out andrapidly released to quickly scale in. To the consumer, the capabilitiesavailable for provisioning often appear to be unlimited and can bepurchased in any quantity at any time.

Measured service: cloud systems automatically control and optimizeresource use by leveraging a metering capability at some level ofabstraction appropriate to the type of service (e.g., storage,processing, bandwidth, and active user accounts). Resource usage can bemonitored, controlled, and reported, providing transparency for both theprovider and consumer of the utilized service.

Service Models are as follows:

Software as a Service (SaaS): the capability provided to the consumer isto use the provider's applications running on a cloud infrastructure.The applications are accessible from various client devices through athin client interface such as a web browser (e.g., web-based e-mail).The consumer does not manage or control the underlying cloudinfrastructure including network, servers, operating systems, storage,or even individual application capabilities, with the possible exceptionof limited user-specific application configuration settings.

Platform as a Service (PaaS): the capability provided to the consumer isto deploy onto the cloud infrastructure consumer-created or acquiredapplications created using programming languages and tools supported bythe provider. The consumer does not manage or control the underlyingcloud infrastructure including networks, servers, operating systems, orstorage, but has control over the deployed applications and possiblyapplication hosting environment configurations.

Infrastructure as a Service (IaaS): the capability provided to theconsumer is to provision processing, storage, networks, and otherfundamental computing resources where the consumer is able to deploy andrun arbitrary software, which can include operating systems andapplications. The consumer does not manage or control the underlyingcloud infrastructure but has control over operating systems, storage,deployed applications, and possibly limited control of select networkingcomponents (e.g., host firewalls).

Deployment Models are as follows:

Private cloud: the cloud infrastructure is operated solely for anorganization. It may be managed by the organization or a third party andmay exist on-premises or off-premises.

Community cloud: the cloud infrastructure is shared by severalorganizations and supports a specific community that has shared concerns(e.g., mission, security requirements, policy, and complianceconsiderations). It may be managed by the organizations or a third partyand may exist on-premises or off-premises.

Public cloud: the cloud infrastructure is made available to the generalpublic or a large industry group and is owned by an organization sellingcloud services.

Hybrid cloud: the cloud infrastructure is a composition of two or moreclouds (private, community, or public) that remain unique entities butare bound together by standardized or proprietary technology thatenables data and application portability (e.g., cloud bursting forload-balancing between clouds).

A cloud computing environment is service oriented with a focus onstatelessness, low coupling, modularity, and semantic interoperability.At the heart of cloud computing is an infrastructure that includes anetwork of interconnected nodes.

FIG. 11 depicts abstraction model layers 1100 according to variousembodiments of the present invention. Referring now to FIG. 11, a set offunctional abstraction layers provided by cloud computing environment 50(FIG. 10) is shown. It should be understood in advance that thecomponents, layers, and functions shown in FIG. 6 are intended to beillustrative only and embodiments of the invention are not limitedthereto. As depicted, the following layers and corresponding functionsare provided:

Hardware and software layer 60 includes hardware and softwarecomponents. Examples of hardware components include: mainframes 61; RISC(Reduced Instruction Set Computer) architecture based servers 62;servers 63; blade servers 64; storage devices 65; and networks andnetworking components 66. In some embodiments, software componentsinclude network application server software 67 and database software 68.In some embodiments, one or more hardware components can be implementedby utilizing the computing device 1201 of FIG. 12.

Virtualization layer 70 provides an abstraction layer from which thefollowing examples of virtual entities may be provided: virtual servers71; virtual storage 72; virtual networks 73, including virtual privatenetworks; virtual applications and operating systems 74; and virtualclients 75.

In one example, management layer 80 may provide the functions describedbelow. Resource provisioning 81 provides dynamic procurement ofcomputing resources and other resources that are utilized to performtasks within the cloud computing environment. Metering and Pricing 82provide cost tracking as resources are utilized within the cloudcomputing environment, and billing or invoicing for consumption of theseresources. In one example, these resources may include applicationsoftware licenses. Security provides identity verification for cloudconsumers and tasks, as well as protection for data and other resources.User portal 83 provides access to the cloud computing environment forconsumers and system administrators. Service level management 84provides cloud computing resource allocation and management such thatrequired service levels are met. Service Level Agreement (SLA) planningand fulfillment 85 provide pre-arrangement for, and procurement of,cloud computing resources for which a future requirement is anticipatedin accordance with an SLA.

Workloads layer 90 provides examples of functionality for which thecloud computing environment may be utilized. Examples of workloads andfunctions which may be provided from this layer include: mapping andnavigation 91; software development and lifecycle management 92; virtualclassroom education delivery 93; data analytics processing 94;transaction processing 95; and security, encryption, and key management,etc. for use in accordance with operations based on communicationsystems and communications related to one or more Key Management Systems(KMSs) that operate based on one or more Threshold Partially-ObliviousPseudorandom Functions (TP-OPRFs) and associated processing andoperations 96.

FIG. 12 depicts a block diagram 1200 of a computing device according tovarious embodiments of the present invention. FIG. 12 depicts a blockdiagram of components of a computing device 1201, which can be utilizedto implement some or all of the cloud computing nodes 10, some or all ofthe computing devices 54A-N of FIG. 10, and/or to implement othercomputing devices described herein in accordance with an embodiment ofthe present invention. It should be appreciated that FIG. 12 providesonly an illustration of one implementation and does not imply anylimitations with regard to the environments in which differentembodiments may be implemented. Many modifications to the depictedenvironment may be made.

Computing device 1201 can include one or more processors 1202, one ormore computer-readable RAMs 1204, one or more computer-readable ROMs1206, one or more computer readable storage media 1208, device drivers1212, read/write drive or interface 1214, and network adapter orinterface 1216, all interconnected over a communications fabric 1218.Communications fabric 1218 can be implemented with any architecturedesigned for passing data and/or control information between processors(such as microprocessors, communications and network processors, etc.),system memory, peripheral devices, and any other hardware componentswithin the system.

One or more operating systems 1210 and/or application programs 1211,such as network application server software 67 and database software 68of FIG. 11, are stored on one or more of the computer readable storagemedia 1208 for execution by one or more of the processors 1202 via oneor more of the respective RAMs 1204 (which typically include cachememory). In the illustrated embodiment, each of the computer readablestorage media 1208 can be a magnetic disk storage device of an internalhard drive, CD-ROM, DVD, memory stick, magnetic tape, magnetic disk,optical disk, a semiconductor storage device such as RAM, ROM, EPROM,flash memory, or any other computer readable storage media that canstore a computer program and digital information, in accordance withembodiments of the invention.

Computing device 1201 can also include a R/W drive or interface 1214 toread from and write to one or more portable computer readable storagemedia 1226. Application programs 1211 on computing devices 1201 can bestored on one or more of the portable computer readable storage media1226, read via the respective R/W drive or interface 1214 and loadedinto the respective computer readable storage media 1208.

Computing device 1201 can also include a network adapter or interface1216, such as a TCP/IP adapter card or wireless communication adapter.Application programs 1211 on computing devices 54A-N can be downloadedto the computing device from an external computer or external storagedevice via a network (for example, the Internet, a local area network orother wide area networks or wireless networks) and network adapter orinterface 1216. From the network adapter or interface 1216, the programsmay be loaded into the computer readable storage media 1208. The networkmay comprise copper wires, optical fibers, wireless transmission,routers, firewalls, switches, gateway computers and edge servers.

Computing device 1201 can also include a display screen 1220, a keyboardor keypad 1222, and a computer mouse or touchpad 1224. Device drivers1212 interface to display screen 1220 for imaging, to keyboard or keypad1222, to computer mouse or touchpad 1224, and/or to display screen 1220for pressure sensing of alphanumeric character entry and userselections. The device drivers 1212, R/W drive or interface 1214, andnetwork adapter or interface 1216 can comprise hardware and softwarestored in computer readable storage media 1208 and/or ROM 1206.

As may be used herein, the terms “substantially” and “approximately”provides an industry-accepted tolerance for its corresponding termand/or relativity between items. Such an industry-accepted toleranceranges from less than one percent to fifty percent and corresponds to,but is not limited to, component values, integrated circuit processvariations, temperature variations, rise and fall times, and/or thermalnoise. Such relativity between items ranges from a difference of a fewpercent to magnitude differences. As may also be used herein, theterm(s) “configured to”, “operably coupled to”, “coupled to”, and/or“coupling” includes direct coupling between items and/or indirectcoupling between items via an intervening item (e.g., an item includes,but is not limited to, a component, an element, a circuit, and/or amodule) where, for an example of indirect coupling, the intervening itemdoes not modify the information of a signal but may adjust its currentlevel, voltage level, and/or power level. As may further be used herein,inferred coupling (i.e., where one element is coupled to another elementby inference) includes direct and indirect coupling between two items inthe same manner as “coupled to”. As may even further be used herein, theterm “configured to”, “operable to”, “coupled to”, or “operably coupledto” indicates that an item includes one or more of power connections,input(s), output(s), etc., to perform, when activated, one or more itscorresponding functions and may further include inferred coupling to oneor more other items. As may still further be used herein, the term“associated with”, includes direct and/or indirect coupling of separateitems and/or one item being embedded within another item.

As may be used herein, the term “compares favorably”, indicates that acomparison between two or more items, signals, etc., provides a desiredrelationship. For example, when the desired relationship is that signal1 has a greater magnitude than signal 2, a favorable comparison may beachieved when the magnitude of signal 1 is greater than that of signal 2or when the magnitude of signal 2 is less than that of signal 1. As maybe used herein, the term “compares unfavorably”, indicates that acomparison between two or more items, signals, etc., fails to providethe desired relationship.

As may also be used herein, the terms “processing module”, “processingcircuit”, “processor”, and/or “processing unit” may be a singleprocessing device or a plurality of processing devices. Such aprocessing device may be a microprocessor, micro-controller, digitalsignal processor, microcomputer, central processing unit, fieldprogrammable gate array, programmable logic device, state machine, logiccircuitry, analog circuitry, digital circuitry, and/or any device thatmanipulates signals (analog and/or digital) based on hard coding of thecircuitry and/or operational instructions. The processing module,module, processing circuit, and/or processing unit may be, or furtherinclude, memory and/or an integrated memory element, which may be asingle memory device, a plurality of memory devices, and/or embeddedcircuitry of another processing module, module, processing circuit,and/or processing unit. Such a memory device may be a read-only memory,random access memory, volatile memory, non-volatile memory, staticmemory, dynamic memory, flash memory, cache memory, and/or any devicethat stores digital information. Note that if the processing module,module, processing circuit, and/or processing unit includes more thanone processing device, the processing devices may be centrally located(e.g., directly coupled together via a wired and/or wireless busstructure) or may be distributedly located (e.g., cloud computing viaindirect coupling via a local area network and/or a wide area network).Further note that if the processing module, module, processing circuit,and/or processing unit implements one or more of its functions via astate machine, analog circuitry, digital circuitry, and/or logiccircuitry, the memory and/or memory element storing the correspondingoperational instructions may be embedded within, or external to, thecircuitry comprising the state machine, analog circuitry, digitalcircuitry, and/or logic circuitry. Still further note that, the memoryelement may store, and the processing module, module, processingcircuit, and/or processing unit executes, hard coded and/or operationalinstructions corresponding to at least some of the steps and/orfunctions illustrated in one or more of the Figures. Such a memorydevice or memory element can be included in an article of manufacture.

One or more embodiments have been described above with the aid of methodsteps illustrating the performance of specified functions andrelationships thereof. The boundaries and sequence of these functionalbuilding blocks and method steps have been arbitrarily defined hereinfor convenience of description. Alternate boundaries and sequences canbe defined so long as the specified functions and relationships areappropriately performed. Any such alternate boundaries or sequences arethus within the scope and spirit of the claims. Further, the boundariesof these functional building blocks have been arbitrarily defined forconvenience of description. Alternate boundaries could be defined aslong as the certain significant functions are appropriately performed.Similarly, flow diagram blocks may also have been arbitrarily definedherein to illustrate certain significant functionality.

To the extent used, the flow diagram block boundaries and sequence couldhave been defined otherwise and still perform the certain significantfunctionality. Such alternate definitions of both functional buildingblocks and flow diagram blocks and sequences are thus within the scopeand spirit of the claims. One of average skill in the art will alsorecognize that the functional building blocks, and other illustrativeblocks, modules and components herein, can be implemented as illustratedor by discrete components, application specific integrated circuits,processors executing appropriate software and the like or anycombination thereof.

In addition, a flow diagram may include a “start” and/or “continue”indication. The “start” and “continue” indications reflect that thesteps presented can optionally be incorporated in or otherwise used inconjunction with other routines. In this context, “start” indicates thebeginning of the first step presented and may be preceded by otheractivities not specifically shown. Further, the “continue” indicationreflects that the steps presented may be performed multiple times and/ormay be succeeded by other activities not specifically shown. Further,while a flow diagram indicates a particular ordering of steps, otherorderings are likewise possible provided that the principles ofcausality are maintained.

The one or more embodiments are used herein to illustrate one or moreaspects, one or more features, one or more concepts, and/or one or moreexamples. A physical embodiment of an apparatus, an article ofmanufacture, a machine, and/or of a process may include one or more ofthe aspects, features, concepts, examples, etc. described with referenceto one or more of the embodiments discussed herein. Further, from figureto figure, the embodiments may incorporate the same or similarly namedfunctions, steps, modules, etc. that may use the same or differentreference numbers and, as such, the functions, steps, modules, etc. maybe the same or similar functions, steps, modules, etc. or differentones.

Unless specifically stated to the contra, signals to, from, and/orbetween elements in a figure of any of the figures presented herein maybe analog or digital, continuous time or discrete time, and single-endedor differential. For instance, if a signal path is shown as asingle-ended path, it also represents a differential signal path.Similarly, if a signal path is shown as a differential path, it alsorepresents a single-ended signal path. While one or more particulararchitectures are described herein, other architectures can likewise beimplemented that use one or more data buses not expressly shown, directconnectivity between elements, and/or indirect coupling between otherelements as recognized by one of average skill in the art.

The term “module” is used in the description of one or more of theembodiments. A module implements one or more functions via a device suchas a processor or other processing device or other hardware that mayinclude or operate in association with a memory that stores operationalinstructions. A module may operate independently and/or in conjunctionwith software and/or firmware. As also used herein, a module may containone or more sub-modules, each of which may be one or more modules.

The present invention may be a system, a method, and/or a computerprogram product at any possible technical detail level of integration.The computer program product may include a computer readable storagemedium (or media) having computer readable program instructions thereonfor causing a processor to carry out aspects of the present invention.

As may further be used herein, a computer readable memory includes oneor more memory elements. A memory element may be a separate memorydevice, multiple memory devices, or a set of memory locations within amemory device. Such a memory device may be a read-only memory, randomaccess memory, volatile memory, non-volatile memory, static memory,dynamic memory, flash memory, cache memory, and/or any device thatstores digital information. The memory device may be in a form a solidstate memory, a hard drive memory, cloud memory, thumb drive, servermemory, computing device memory, and/or other physical medium forstoring digital information.

The computer readable storage medium can be a tangible device that canretain and store instructions for use by an instruction executiondevice. The computer readable storage medium may be, for example, but isnot limited to, an electronic storage device, a magnetic storage device,an optical storage device, an electromagnetic storage device, asemiconductor storage device, or any suitable combination of theforegoing. A non-exhaustive list of more specific examples of thecomputer readable storage medium includes the following: a portablecomputer diskette, a hard disk, a random access memory (RAM), aread-only memory (ROM), an erasable programmable read-only memory (EPROMor Flash memory), a static random access memory (SRAM), a portablecompact disc read-only memory (CD-ROM), a digital versatile disk (DVD),a memory stick, a floppy disk, a mechanically encoded device such aspunch-cards or raised structures in a groove having instructionsrecorded thereon, and any suitable combination of the foregoing. Acomputer readable storage medium, as used herein, is not to be construedas being transitory signals per se, such as radio waves or other freelypropagating electromagnetic waves, electromagnetic waves propagatingthrough a waveguide or other transmission media (e.g., light pulsespassing through a fiber-optic cable), or electrical signals transmittedthrough a wire.

Computer readable program instructions described herein can bedownloaded to respective computing/processing devices from a computerreadable storage medium or to an external computer or external storagedevice via a network, for example, the Internet, a local area network, awide area network and/or a wireless network. The network may comprisecopper transmission cables, optical transmission fibers, wirelesstransmission, routers, firewalls, switches, gateway computers and/oredge servers. A network adapter card or network interface in eachcomputing/processing device receives computer readable programinstructions from the network and forwards the computer readable programinstructions for storage in a computer readable storage medium withinthe respective computing/processing device.

Computer readable program instructions for carrying out operations ofthe present invention may be assembler instructions,instruction-set-architecture (ISA) instructions, machine instructions,machine dependent instructions, microcode, firmware instructions,state-setting data, configuration data for integrated circuitry, oreither source code or object code written in any combination of one ormore programming languages, including an object oriented programminglanguage such as Smalltalk, C++, or the like, and procedural programminglanguages, such as the “C” programming language or similar programminglanguages. The computer readable program instructions may executeentirely on the user's computer, partly on the user's computer, as astand-alone software package, partly on the user's computer and partlyon a remote computer or entirely on the remote computer or server. Inthe latter scenario, the remote computer may be connected to the user'scomputer through any type of network, including a local area network(LAN) or a wide area network (WAN), or the connection may be made to anexternal computer (for example, through the Internet using an InternetService Provider). In some embodiments, electronic circuitry including,for example, programmable logic circuitry, field-programmable gatearrays (FPGA), or programmable logic arrays (PLA) may execute thecomputer readable program instructions by utilizing state information ofthe computer readable program instructions to personalize the electroniccircuitry, in order to perform aspects of the present invention.

Aspects of the present invention are described herein with reference toflowchart illustrations and/or block diagrams of methods, apparatus(systems), and computer program products according to embodiments of theinvention. It will be understood that each block of the flowchartillustrations and/or block diagrams, and combinations of blocks in theflowchart illustrations and/or block diagrams, can be implemented bycomputer readable program instructions.

These computer readable program instructions may be provided to aprocessor of a general purpose computer, special purpose computer, orother programmable data processing apparatus to produce a machine, suchthat the instructions, which execute via the processor of the computeror other programmable data processing apparatus, create means forimplementing the functions/acts specified in the flowchart and/or blockdiagram block or blocks. These computer readable program instructionsmay also be stored in a computer readable storage medium that can directa computer, a programmable data processing apparatus, and/or otherdevices to function in a particular manner, such that the computerreadable storage medium having instructions stored therein comprises anarticle of manufacture including instructions which implement aspects ofthe function/act specified in the flowchart and/or block diagram blockor blocks.

The computer readable program instructions may also be loaded onto acomputer, other programmable data processing apparatus, or other deviceto cause a series of operational steps to be performed on the computer,other programmable apparatus or other device to produce a computerimplemented process, such that the instructions which execute on thecomputer, other programmable apparatus, or other device implement thefunctions/acts specified in the flowchart and/or block diagram block orblocks.

The flowchart and block diagrams in the Figures illustrate thearchitecture, functionality, and operation of possible implementationsof systems, methods, and computer program products according to variousembodiments of the present invention. In this regard, each block in theflowchart or block diagrams may represent a module, segment, or portionof instructions, which comprises one or more executable instructions forimplementing the specified logical function(s). In some alternativeimplementations, the functions noted in the blocks may occur out of theorder noted in the Figures. For example, two blocks shown in successionmay, in fact, be executed substantially concurrently, or the blocks maysometimes be executed in the reverse order, depending upon thefunctionality involved. It will also be noted that each block of theblock diagrams and/or flowchart illustration, and combinations of blocksin the block diagrams and/or flowchart illustration, can be implementedby special purpose hardware-based systems that perform the specifiedfunctions or acts or carry out combinations of special purpose hardwareand computer instructions.

While particular combinations of various functions and features of theone or more embodiments have been expressly described herein, othercombinations of these features and functions are likewise possible. Thepresent disclosure is not limited by the particular examples disclosedherein and expressly incorporates these other combinations.

What is claimed is:
 1. A computing device comprising: an interfaceconfigured to interface and communicate with a communication system;memory that stores operational instructions; and processing circuitryoperably coupled to the interface and to the memory, wherein theprocessing circuitry is configured to execute the operationalinstructions to: process an input value that is associated with a keybased on a blinding key in accordance with a ThresholdPartially-Oblivious Pseudorandom Function (TP-OPRF) blinding operationto generate a blinded input; select a threshold number of shareholdercomputing devices that are associated with a Key Management System (KMS)service, wherein a TP-OPRF key includes a plurality of unique PRF keysthat are distributedly stored among a plurality of shareholder computingdevices, wherein the threshold number of shareholder computing devicesincludes fewer than or all of the plurality of shareholder computingdevices; transmit, via the communication system, the blinded input to atleast the threshold number of shareholder computing devices associatedwith the KMS service; receive, via the communication system and from theat least the threshold number of shareholder computing devicesassociated with the KMS service, at least a threshold number of blindedoutput components, wherein a blinded output component of the at leastthe threshold number of blinded output components is based on processingof the blinded input based on a Partially-Oblivious PseudorandomFunction (P-OPRF) using a unique share of a P-OPRF secret and anarbitrary exposed message by a shareholder computing device of theplurality of shareholder computing devices, wherein the arbitraryexposed message is known to the shareholder computing device of theplurality of shareholder computing devices, and the unique share of theP-OPRF secret is associated with the shareholder computing device of theplurality of shareholder computing devices; process the at least thethreshold number of blinded output components to generate a blindedoutput; process the blinded output based on the blinding key inaccordance with a TP-OPRF unblinding operation to generate the key thatis associated with the input value; and access secure information basedon the key.
 2. The computing device of claim 1, wherein another blindedoutput component of the at least the threshold number of blinded outputcomponents is based on processing of the blinded input based on theP-OPRF using another unique share of the P-OPRF secret and the arbitraryexposed message by another shareholder computing device of the pluralityof shareholder computing devices, wherein the arbitrary exposed messageis known to the another shareholder computing device of the plurality ofshareholder computing devices, and the another unique share of theP-OPRF secret is associated with the another shareholder computingdevice of the plurality of shareholder computing devices.
 3. Thecomputing device of claim 1, wherein the processing circuitry is furtherconfigured to execute the operational instructions to: determine thearbitrary exposed message; and transmit, via the communication system,the arbitrary exposed message to the at least the threshold number ofshareholder computing devices associated with the KMS service to be usedrespectively by the at least the threshold number of shareholdercomputing devices associated with the KMS service in accordance withprocessing of the blinded input based on the P-OPRF using respectiveunique shares of the P-OPRF secret to generate the at least thethreshold number of blinded output components.
 4. The computing deviceof claim 1, wherein the processing circuitry is further configured toexecute the operational instructions to: determine a first arbitraryexposed sub-message; and transmit, via the communication system, thefirst arbitrary exposed sub-message to the at least the threshold numberof shareholder computing devices associated with the KMS service to beprocessed by the at least the threshold number of shareholder computingdevices associated with the KMS service with a second arbitrary exposedsub-message to generate the arbitrary exposed message to be usedrespectively by the at least the threshold number of shareholdercomputing devices associated with the KMS service in accordance withprocessing of the blinded input based on the P-OPRF using respectiveunique shares of the P-OPRF secret to generate the at least thethreshold number of blinded output components.
 5. The computing deviceof claim 1, wherein: the plurality of shareholder computing devicesincludes a plurality of N shareholder computing devices; the thresholdnumber of shareholder computing devices includes a threshold number of Tshareholder computing devices; each PRF key of the plurality of uniquePRF keys is associated with a unique subset of size T of the pluralityof N shareholder computing devices; the shareholder computing device ofthe plurality of shareholder computing devices includes at least (N−1)choose T unique PRF keys of the plurality of unique PRF keys and alsoincludes the unique share of the P-OPRF secret that is generated basedon share conversion; and N and T are positive integers, wherein T isless than or equal to N.
 6. The computing device of claim 1, wherein:the input value is unknown to the plurality of shareholder computingdevices and includes a key identifier that is associated with the key;the key is unknown to the plurality of shareholder computing devices andincludes a Data Encryption Key (DEK) or a Key Encryption Key (KEK); andthe P-OPRF secret is unknown to the computing device and is based on aCustomer Root Key (CRK) that is associated with the computing device. 7.The computing device of claim 1, wherein at least one of: the computingdevice includes a wireless smart phone, a cellular phone, a laptop, apersonal digital assistant, a tablet, a personal computers (PC), a workstation, or a video game device; or at least one of the plurality ofshareholder computing devices includes a Hardware Security Module (HSM).8. The computing device of claim 1, wherein the communication systemincludes at least one of a wireless communication system, a wire linedcommunication system, a non-public intranet system, a public internetsystem, a local area network (LAN), a wireless local area network(WLAN), a wide area network (WAN), a satellite communication system, afiber-optic communication system, or a mobile communication system.
 9. Acomputing device comprising: an interface configured to interface andcommunicate with a communication system; memory that stores operationalinstructions; and processing circuitry operably coupled to the interfaceand to the memory, wherein the processing circuitry is configured toexecute the operational instructions to: process an input value that isassociated with a key based on a blinding key in accordance with aThreshold Partially-Oblivious Pseudorandom Function (TP-OPRF) blindingoperation to generate a blinded input, wherein key is unknown to aplurality of shareholder computing devices and includes a DataEncryption Key (DEK) or a Key Encryption Key (KEK); select a thresholdnumber of shareholder computing devices that are associated with a KeyManagement System (KMS) service, wherein a TP-OPRF key includes aplurality of unique PRF keys that are distributedly stored among theplurality of shareholder computing devices, wherein the threshold numberof shareholder computing devices includes fewer than or all of theplurality of shareholder computing devices; transmit, via thecommunication system, the blinded input to at least the threshold numberof shareholder computing devices associated with the KMS service;receive, via the communication system and from the at least thethreshold number of shareholder computing devices associated with theKMS service, at least a threshold number of blinded output components,wherein: a first blinded output component of the at least the thresholdnumber of blinded output components is based on processing of theblinded input based on a Partially-Oblivious Pseudorandom Function(P-OPRF) using a first unique share of a P-OPRF secret and an arbitraryexposed message by a first shareholder computing device of the pluralityof shareholder computing devices; a second blinded output component ofthe at least the threshold number of blinded output components is basedon processing of the blinded input based on the P-OPRF using a secondunique share of the P-OPRF secret and the arbitrary exposed message by asecond shareholder computing device of the plurality of shareholdercomputing devices; the first unique share of the P-OPRF secret isassociated with the first shareholder computing device of the pluralityof shareholder computing devices; and the second unique share of theP-OPRF secret is associated with the second shareholder computing deviceof the plurality of shareholder computing devices; process the at leastthe threshold number of blinded output components to generate a blindedoutput; process the blinded output based on the blinding key inaccordance with a TP-OPRF unblinding operation to generate the key thatis associated with the input value; and access secure information basedon the key.
 10. The computing device of claim 9, wherein the processingcircuitry is further configured to execute the operational instructionsto: determine the arbitrary exposed message; and transmit, via thecommunication system, the arbitrary exposed message to the at least thethreshold number of shareholder computing devices associated with theKMS service to be used respectively by the at least the threshold numberof shareholder computing devices associated with the KMS service inaccordance with processing of the blinded input based on the P-OPRFusing respective unique shares of the P-OPRF secret to generate the atleast the threshold number of blinded output components.
 11. Thecomputing device of claim 9, wherein the processing circuitry is furtherconfigured to execute the operational instructions to: determine a firstarbitrary exposed sub-message; and transmit, via the communicationsystem, the first arbitrary exposed sub-message to the at least thethreshold number of shareholder computing devices associated with theKMS service to be processed by the at least the threshold number ofshareholder computing devices associated with the KMS service with asecond arbitrary exposed sub-message to generate the arbitrary exposedmessage to be used respectively by the at least the threshold number ofshareholder computing devices associated with the KMS service inaccordance with processing of the blinded input based on the P-OPRFusing respective unique shares of the P-OPRF secret to generate the atleast the threshold number of blinded output components.
 12. Thecomputing device of claim 9, wherein: the plurality of shareholdercomputing devices includes a plurality of N shareholder computingdevices; the threshold number of shareholder computing devices includesa threshold number of T shareholder computing devices; each PRF key ofthe plurality of unique PRF keys is associated with a unique subset ofsize T of the plurality of N shareholder computing devices; theshareholder computing device of the plurality of shareholder computingdevices includes at least (N−1) choose T unique PRF keys of theplurality of unique PRF keys and also includes the unique share of theP-OPRF secret that is generated based on share conversion; and N and Tare positive integers, wherein T is less than or equal to N.
 13. Thecomputing device of claim 9, wherein at least one of: the computingdevice includes a wireless smart phone, a cellular phone, a laptop, apersonal digital assistant, a tablet, a personal computers (PC), a workstation, or a video game device; at least one of the plurality ofshareholder computing devices includes a Hardware Security Module (HSM);or the communication system includes at least one of a wirelesscommunication system, a wire lined communication system, a non-publicintranet system, a public internet system, a local area network (LAN), awireless local area network (WLAN), a wide area network (WAN), asatellite communication system, a fiber-optic communication system, or amobile communication system.
 14. A method for execution by a computingdevice, the method comprising: processing an input value that isassociated with a key based on a blinding key in accordance with aThreshold Partially-Oblivious Pseudorandom Function (TP-OPRF) blindingoperation to generate a blinded input; selecting a threshold number ofshareholder computing devices that are associated with a Key ManagementSystem (KMS) service, wherein a TP-OPRF key includes a plurality ofunique PRF keys that are distributedly stored among a plurality ofshareholder computing devices, wherein the threshold number ofshareholder computing devices includes fewer than or all of theplurality of shareholder computing devices; transmitting, via aninterface of the computing device that is configured to interface andcommunicate with a communication system and via the communicationsystem, the blinded input to at least the threshold number ofshareholder computing devices associated with the KMS service;receiving, via the interface, via the communication system, and from theat least the threshold number of shareholder computing devicesassociated with the KMS service, at least a threshold number of blindedoutput components, wherein a blinded output component of the at leastthe threshold number of blinded output components is based on processingof the blinded input based on a Partially-Oblivious PseudorandomFunction (P-OPRF) using a unique share of a P-OPRF secret and anarbitrary exposed message by a shareholder computing device of theplurality of shareholder computing devices, wherein the arbitraryexposed message is known to the shareholder computing device of theplurality of shareholder computing devices, and the unique share of theP-OPRF secret is associated with the shareholder computing device of theplurality of shareholder computing devices; processing the at least thethreshold number of blinded output components to generate a blindedoutput; processing the blinded output based on the blinding key inaccordance with a TP-OPRF unblinding operation to generate the key thatis associated with the input value; and accessing secure informationbased on the key.
 15. The method of claim 14, wherein another blindedoutput component of the at least the threshold number of blinded outputcomponents is based on processing of the blinded input based on theP-OPRF using another unique share of the P-OPRF secret and the arbitraryexposed message by another shareholder computing device of the pluralityof shareholder computing devices, wherein the arbitrary exposed messageis known to the another shareholder computing device of the plurality ofshareholder computing devices, and the another unique share of theP-OPRF secret is associated with the another shareholder computingdevice of the plurality of shareholder computing devices.
 16. The methodof claim 14 further comprising: determining the arbitrary exposedmessage; and transmitting, via the interface and via the communicationsystem, the arbitrary exposed message to the at least the thresholdnumber of shareholder computing devices associated with the KMS serviceto be used respectively by the at least the threshold number ofshareholder computing devices associated with the KMS service inaccordance with processing of the blinded input based on the P-OPRFusing respective unique shares of the P-OPRF secret to generate the atleast the threshold number of blinded output components.
 17. The methodof claim 14 further comprising: determining a first arbitrary exposedsub-message; and transmitting, via the interface and via thecommunication system, the first arbitrary exposed sub-message to the atleast the threshold number of shareholder computing devices associatedwith the KMS service to be processed by the at least the thresholdnumber of shareholder computing devices associated with the KMS servicewith a second arbitrary exposed sub-message to generate the arbitraryexposed message to be used respectively by the at least the thresholdnumber of shareholder computing devices associated with the KMS servicein accordance with processing of the blinded input based on the P-OPRFusing respective unique shares of the P-OPRF secret to generate the atleast the threshold number of blinded output components.
 18. The methodof claim 14, wherein: the plurality of shareholder computing devicesincludes a plurality of N shareholder computing devices; the thresholdnumber of shareholder computing devices includes a threshold number of Tshareholder computing devices; each PRF key of the plurality of uniquePRF keys is associated with a unique subset of size T of the pluralityof N shareholder computing devices; the shareholder computing device ofthe plurality of shareholder computing devices includes at least (N−1)choose T unique PRF keys of the plurality of unique PRF keys; and N andT are positive integers, wherein T is less than or equal to N.
 19. Themethod of claim 14, wherein: the input value is unknown to the pluralityof shareholder computing devices and includes a key identifier that isassociated with the key; the key is unknown to the plurality ofshareholder computing devices and includes a Data Encryption Key (DEK)or a Key Encryption Key (KEK); and the P-OPRF secret is unknown to thecomputing device and is based on a Customer Root Key (CRK) that isassociated with the computing device.
 20. The method of claim 14,wherein at least one of: the computing device includes a wireless smartphone, a cellular phone, a laptop, a personal digital assistant, atablet, a personal computers (PC), a work station, or a video gamedevice; at least one of the plurality of shareholder computing devicesincludes a Hardware Security Module (HSM); or the communication systemincludes at least one of a wireless communication system, a wire linedcommunication system, a non-public intranet system, a public internetsystem, a local area network (LAN), a wireless local area network(WLAN), a wide area network (WAN), a satellite communication system, afiber-optic communication system, or a mobile communication system.